
Ssananunak1987@protonmail.com Ransomware

Posted: June 14, 2018

The Ssananunak1987@protonmail.com Ransomware is an update of the B2DR Ransomware family of file-locker Trojans, which use secure AES encryption to keep your files from opening. Users can keep backups on secure devices to remove any need to pay the ransom for the decryption service, which the threat actors promote through associated text messages. Most professional brands of anti-malware products may remove Ssananunak1987@protonmail.com Ransomware infections or, preferably, stop the threat's install routine.

A Small Trojan Family Grows a Little Less So

The minor family of file-locking Trojans, the B2DR Ransomware, is showing evidence of a new variant, just days after our malware experts verified the identity of the Reycarnasi1983@protonmail.com Ransomware update. This even newer Trojan, the Ssananunak1987@protonmail.com Ransomware, uses an edited version of the original ransoming message, which suggests that a different group of threat actors is responsible for it. In other respects, the Ssananunak1987@protonmail.com Ransomware keeps the traditional risks of its threat classification: encrypting and damaging files, possibly permanently.

The Ssananunak1987@protonmail.com Ransomware uses a secure variant of AES-256, as opposed to the more frequently broken cryptography that malware analysts see in competitors like Hidden Tear. Pictures, documents, compressed archives, and audio are examples of the media formats that the Trojan may lock with this encryption method. An affected file can be identified by searching for filenames with the '.b2fr' extension and the threat actor's free, Protonmail-based e-mail address.
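The filename check described above, as an added example (not code from the original page): a Python triage script that walks a directory tree and flags names carrying the '.b2fr' extension or the contact address, counting affected directories so a responder can scope the damage. The page does not give the exact renaming pattern, so the sample names in `demo()` are constructed assumptions.

```python
import os
import tempfile
from collections import Counter
from pathlib import Path

# Indicators quoted in the article text.
EXTENSION = ".b2fr"
CONTACT = "ssananunak1987@protonmail.com"

def classify(filename):
    """Return 'both', 'extension', 'address' or None for a bare file name."""
    lowered = filename.lower()
    has_ext = lowered.endswith(EXTENSION)
    has_addr = CONTACT in lowered
    if has_ext and has_addr:
        return "both"
    if has_ext:
        return "extension"
    return "address" if has_addr else None

def scan(root):
    """Walk root; return (hits, per-directory hit counts) to scope the damage."""
    hits, per_dir = [], Counter()
    # os.walk skips unreadable directories by default instead of aborting.
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            kind = classify(name)
            if kind:
                hits.append((os.path.join(dirpath, name), kind))
                per_dir[dirpath] += 1
    return hits, per_dir

def demo():
    """Scan a constructed sample tree; return (sorted hit kinds, hit dirs)."""
    with tempfile.TemporaryDirectory() as tmp:
        docs, pics = Path(tmp, "Documents"), Path(tmp, "Pictures")
        docs.mkdir()
        pics.mkdir()
        # Constructed names: the real renaming pattern is an assumption.
        (docs / "report.docx.[Ssananunak1987@protonmail.com].b2fr").touch()
        (docs / "budget.xlsx.b2fr").touch()
        (docs / "notes.txt").touch()
        (pics / "holiday.jpg").touch()
        hits, per_dir = scan(tmp)
        return sorted(kind for _path, kind in hits), len(per_dir)

if __name__ == "__main__":
    print(demo())
```

Calling `scan()` on a user profile or a mounted share returns the full hit list, which can be compared against the backup catalogue to decide what needs restoring.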

The Ssananunak1987@protonmail.com Ransomware's authors are restricting information on their ransom demands, but they do use Notepad messages to give their victims access to a custom TOR website for buying the decryption tool. There isn't a public decryption service for the different variants of B2DR Ransomware, and paying a criminal's ransom is a highly unreliable way of unlocking the encrypted files. This threat's family may also encrypt or delete any local backups, such as Windows' Shadow Volume Copies.

Denying B2DR Ransomware's Child an Inheritance of Ransoms

The infection strategies that are common to file-locking Trojans often emphasize compromising a PC with the user's misinformed consent, such as by distributing a corrupted document or a mislabeled download link in an e-mail message. Along with e-mail, malware researchers can also point to unsafe RDP or firewall settings and improper network password management as being at fault for many infections. Because the Ssananunak1987@protonmail.com Ransomware's encryption damage is not necessarily curable, avoiding any loss of data should emphasize preventing the attack instead of decrypting an already-locked set of files.

To prevent the Ssananunak1987@protonmail.com Ransomware from harming the only means of restoring the impacted media, PC users should always keep their backups in secondary, secure locations. Malware experts encourage using detached storage drives or cloud services with password protection for this purpose. Otherwise, active anti-malware protection with up-to-date threat databases should delete the Ssananunak1987@protonmail.com Ransomware immediately and keep the encryption function from loading.

Presuming that your files will be safe even if you keep them on a PC that's vulnerable to a network-based attack was a faulty assumption long before the B2DR Ransomware family's rise. The Ssananunak1987@protonmail.com Ransomware underlines the already-present tension between those who don't take care of their media and those who would take advantage of them for it.
