Shiton Ransomware

Posted: November 18, 2020

Shiton Ransomware Description

The Shiton Ransomware is a file-locking Trojan that's from VoidCrypt Ransomware's family. The Shiton Ransomware continues blocking files using a currently-secure encryption method, along with creating pop-up ransom notes, disabling security features, and removing backups. Most effective anti-malware products should delete the Shiton Ransomware as a danger to your PC before it begins locking files.

Crass Trojans Taking Files to the Void

The VoidCrypt Ransomware's family is gaining new members at a slow but steadily-advancing pace, with variations in threat databases weekly. The Shiton Ransomware is one of the more recent cases in point, occurring roughly adjacent to the Konx Ransomware, its fellow family member. Its choice of name – and extensions – may shock some users with its vulgarity, but the Trojan's encryption is a far more pressing matter for any victim.

The Shiton Ransomware is Windows-based, with a smaller installer of under two megabytes. The Trojan uses command-line features for disabling security and administrative services, such as the firewall or boot-up error messages, as a preliminary for 'softening up' the computer. Then, it proceeds with encrypting most non-essential files, including documents and other media. The encryption includes an extension-appending sub-feature that also adds the Trojan's name and ransoming information for victims (IDs and e-mails).

Users should have few problems with identifying the Shiton Ransomware afterward. The Trojan delivers HTA ransom notes near-identical to close relatives like the Exploit Ransomware, the Peace Ransomware, or the Spade Ransomware. Other than updating the e-mail and ID, the demands are the same as previously: asking for an unknown amount of Bitcoins and threatening an increase in price after forty-eight hours.

While there isn't a freeware decryption tool for the Shiton Ransomware's family, malware experts warn against paying ransoms hastily. Threat actors may not always honor their obligations or send back 'free samples' that include other threats.

Cleaning Up after the Shiton Ransomware Campaign

Users never should assume that the locally-saved Windows Restore Points are always available for recovery after a file-locking Trojan infection. The Shiton Ransomware, like nearly all other Trojans from significant families of 'professionally-coded' threats, will delete backups that are available to it, or encrypt them, too. However, Windows users can preserve their files by copying them over to removable devices or password-protected cloud accounts.

Malware researchers can't yet isolate the infection vectors used for the Shiton Ransomware, although the Trojan appears active in the wild. Users can lower the chances of a drive-by-download by deactivating risky features like JavaScript or Flash while browsing websites. They also should be careful when opening suspicious e-mail attachments, including documents, and avoid illegal download resources like game cracks.

Safe-browsing habits can reduce infection chances, and backups can mitigate any damages, but neither replace the role of dedicated security software. Nearly all anti-malware products will detect and delete the Shiton Ransomware readily, although most detection labels are generic.

The Shiton Ransomware's vulgarity is far less of an issue than the encryption that isn't apparent until the victim tries opening a file. Since its encryption sweeps over most Windows PCs locations, it behooves all users to take the proper protective steps or face a Trojan's all-too-predictable contamination.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Shiton Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Home Malware Programs Ransomware Shiton Ransomware

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.