Smash Ransomware
Posted: November 5, 2016
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 10/10 |
|---|---|
| Infected PCs: | 92 |
| First Seen: | November 5, 2016 |
|---|---|
| OS(es) Affected: | Windows |
The Smash Ransomware is a Trojan that threatens to delete your files after a countdown, while also offering the victim an option (most likely leading to ransom demands) to prevent this consequence. Because the Smash Ransomware includes numerous incomplete or partially-working features, PC users don't need to enact any data restoration strategies for counteracting this threat's payload. Regardless, malware experts recommend removing the Smash Ransomware with your anti-malware tools for your PC's safety.
A Mushroom that's Less Poisonous than One Might Assume
When lying to one's victims is such an indispensable part of most threat campaigns, it shouldn't surprise readers to learn that many Trojans aren't honest about how they attack your computer. The Smash Ransomware, one threat malware experts recently detected, delivers false information about deleting your files. Because such attacks are genuine parts of other campaigns, such as the Jigsaw Ransomware, the Smash Ransomware's bluff is believable and could push a victim into paying a ransom for no reason.
The Smash Ransomware also shows notable differences from most screen-locking and file-encrypting Trojans that malware experts saw throughout the past year. Its payload includes a string of Windows pop-up windows announcing its presence in poor English. Clicking past the message brings the PC user to a fake 'file kill timer,' shown as a progress bar, along with an image of a Nintendo's Mario-brand mushroom. The Smash Ransomware claims that it will delete 'all of your files forever' at the timer's conclusion, and provides a field for entering an unlock key, as well as what appears to be a ransom payment button.
Many of the Smash Ransomware's features are incomplete placeholder material, with the underlying code consisting of functions with no contents besides their names and accepted parameters. Malware experts can confirm that the Smash Ransomware can't delete, encrypt, or otherwise modify your local files currently, making this Trojan almost harmless.
Smashing a Trojan Whose Threats are Bigger than Its Features
Regrettably, the sloth of the Smash Ransomware's coder hasn't extended to all features of this work-in-progress, which can restrict your access to various, essential security applications. As a Windows-specific threat, the Smash Ransomware blocks programs including the Registry Editor and Task Manager. Although the Smash Ransomware can't be auto-terminated easily while it's running, this screen-locker Trojan lacks any auto-start exploits, and PC owners should try restarting their computers as a first disinfection step.
The Smash Ransomware most likely is an amateur effort or even a joke program and shows few of the professional characteristics malware experts see in high-level threats. A PC compromised by the Smash Ransomware does harbor real security issues, such as being unable to determine which memory processes are open, and you should remove this Trojan according to the same guidelines one would follow against any threat. After rebooting your computer, let your anti-malware security solutions delete the Smash Ransomware and all associated threats that may have installed it.
Most threat campaigns don't abide by the concept of honesty being the best policy, and the occasional surfacing of Trojans like the Smash Ransomware does everything possible to prove the dangers of taking a Trojan at its word.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.