
Sicck Ransomware

Posted: October 31, 2018

The Sicck Ransomware is a file-locker Trojan that can encrypt media files throughout your PC so that they will not open. It monetizes these attacks by demanding a ransom for a decryptor, without any guarantee that the decryptor works. Keeping non-local backups means that encrypted work can still be restored for free, and dedicated anti-malware applications may uninstall the Sicck Ransomware and eliminate its chance of causing any further loss of files.

Getting Down with the Ransomware Sickness

A file-locking Trojan of no discernible family is attacking PC users throughout Asia. The Sicck Ransomware provides a broad set of instructions for its victims that would make it just as appropriate for the United States, Canada, or Britain, along with Japanese, Chinese and Korean-speaking regions. Not all of the campaign's details are available to malware analysts yet, but several aspects of the Sicck Ransomware's payload are notable for how they try to manipulate its victims' frames of mind.

The Sicck Ransomware encrypts data in multiple directories on infected PCs using an unknown algorithm, although AES, RSA, and XOR remain particularly likely choices. While it follows the usual convention of appending an extension to these files, it is also one of the few file-locker Trojans that additionally prepends a text string, the threat actor's e-mail address, to the filename. The remainder of the filename is unedited and intact between the address and the 'sicck' extension.
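The naming scheme described above can be used to inventory damage and build a restore list from a file listing. The following is an added example, not code from the original article or from any vendor tool; the bracket, space and underscore delimiters between the address and the original name, the function names, and the sample paths are assumptions made for illustration.

```python
import re
from collections import Counter
from pathlib import PureWindowsPath

# Assumed layout: [address]name.ext.sicck or address_name.ext.sicck. The page
# states only that the address is prepended and 'sicck' appended; the bracket,
# space and underscore delimiters are assumptions of this example.
RENAMED = re.compile(
    r"^\[?(?P<email>[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+)"
    r"[\] _]+(?P<original>.+?)\.sicck$",
    re.IGNORECASE,
)

def classify(path):
    """Return (kind, contact, original_name) for one Windows path."""
    name = PureWindowsPath(path).name
    m = RENAMED.match(name)
    if m:
        return ("renamed", m.group("email").lower(), m.group("original"))
    if name.lower().endswith(".sicck"):
        # Extension matches but the prefix did not parse: keep for manual review.
        return ("suffix_only", None, name[: -len(".sicck")])
    return ("clean", None, name)

def triage(paths):
    """Summarise a file listing: affected folders, contacts, restore list."""
    folders, contacts, restore = Counter(), Counter(), []
    for p in paths:
        kind, contact, original = classify(p)
        if kind == "clean":
            continue
        parent = PureWindowsPath(p).parent
        folders[str(parent)] += 1
        if contact:
            contacts[contact] += 1
        # Path the file had before renaming, i.e. what to pull from backup.
        restore.append(str(parent / original))
    return {"folders": folders, "contacts": contacts, "restore": sorted(restore)}

# Constructed sample listing (not taken from a real infection).
SAMPLE = [
    r"C:\Users\kim\Pictures\[contact@example.invalid]trip.jpg.sicck",
    r"C:\Users\kim\Pictures\contact@example.invalid_beach.png.SICCK",
    r"C:\Users\kim\Documents\budget.xlsx.sicck",
    r"C:\Users\kim\Documents\notes.txt",
]

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Files reported as `suffix_only` carry the extension but did not match the assumed prefix layout, so they are worth checking by hand before the pattern is trusted on a real listing.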

The majority of the unique characteristics that malware researchers find in the Sicck Ransomware belong to its ransoming message, which is a Notepad text file. It deposits this file in the same directories as any encrypted media. The instructions, which ask for a ransom of one Bitcoin for the file-recovery solution, support English, Chinese, Korean and Japanese. The message also gives the victim a three-day countdown and warns that the threat actor will leak their data to the public if the payment doesn't arrive in time.

Curing the Illness that Consists of Trapped Data

The Sicck Ransomware is not the only file-locking Trojan that tries to manipulate PC owners into paying a ransom in haste. Malware experts have also come across similar methods of psychological manipulation in the campaigns of the FriedEx Ransomware and the BitPaymer Ransomware, to name two examples. Any readers considering paying the ransom should be aware that Bitcoin does not offer the conventional, refund-based security measures of other currencies, and that these warnings of leaking data publicly have always, so far, been bluffs.

Criminals regularly introduce file-locker Trojans to PC users in general, and to business networks and vulnerable servers especially, by targeting individuals in e-mail spamming campaigns or brute-forcing their way past the necessary login credentials. Proper password and firewall maintenance will significantly lower the risk of a brute-force attack's success. Meanwhile, most anti-malware products remain capable of deleting the Sicck Ransomware and threats just like it without impediments, whether the Trojan is an e-mail attachment or an active installation.

The Sicck Ransomware is focusing on Asian nations for its efforts at blocking and ransoming files. Nonetheless, most file-locking Trojans don't go as far as the Scarab Ransomware's family in determining what constitutes an appropriate victim, and anyone without a backup should probably start one.
