Sun Ransomware

Posted: October 18, 2019

The Sun Ransomware is a file-locking Trojan whose attacks will block your digital media files, such as documents or pictures. The Sun Ransomware does so with the intent of extorting money later in a ransoming transaction, although paying isn't a guarantee of data recovery. Establishing secure backups is a mandatory defense against these threats, although most anti-malware programs should delete the Sun Ransomware immediately.

The Sunshine Burning Up Your Files

The occasional surfacing of Trojans that are independent of established businesses and brands like Utku Sen's Hidden Tear or the Dharma Ransomware family reminds the world that cyber-attacks have the same potential for individuality as their Black Hat programmers. The Sun Ransomware is a new 'lone wolf' style of file-locking Trojan whose practices align with those of its well-known competition but which has no relationship with them. Sadly, for the victims, this independence makes it that much less likely that a free unlocker cure will appear.

While malware experts have yet to examine the Sun Ransomware's encryption routine, it targets and locks media files, which can range from documents to archives or movies. It also flags them by inserting an extension into their names, which is a traditional practice among file-locking Trojans. The Sun Ransomware's payload appends the '.sun' extension.

Besides the extension showing what content can't open, the Sun Ransomware also has another identifier: its ransoming instructions. This HTML message uses grammatically poor English to demand that victims visit the threat actor's TOR (an anonymity-enabling network) website. Some details that help the Sun Ransomware stand out are the unique formatting of the victim's Base64 ID and the website. The latter has additional, Europe-centric language options and asks for a 'secret message.'

Perfect Parasols for Avoiding a Digital Tan

Due to many unknown elements in the Sun Ransomware's campaign, malware analysts are confident in endorsing preemptive backup strategies as the superior, and perhaps only, defense against the Trojan's encryption. Backing up media to devices such as USBs, or to cloud services, can keep it out of harm's way from file-locking Trojans of all types. Additionally, victims who pay ransoms for decryption help often get nothing out of it.
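
As an added example (not part of the original article or any vendor tool), the following script scopes recovery by listing files that carry the '.sun' extension described above and checking which of them have a clean copy in a backup. It assumes the extension is appended after the original file name and that the backup mirrors the live directory layout; the directory names and sample files are constructed.

```python
import os
from pathlib import Path

MARKER = ".sun"  # extension the article reports; the appended-suffix layout is assumed


def find_locked(root, marker=MARKER):
    """Map each file under root ending in marker to its presumed original relative path."""
    root = Path(root)
    locked = {}
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            # Skip a bare ".sun" file: nothing precedes the marker.
            if name.lower().endswith(marker) and len(name) > len(marker):
                rel = (Path(dirpath) / name).relative_to(root)
                locked[rel] = rel.with_name(name[: -len(marker)])
    return locked


def restore_plan(root, backup_root, marker=MARKER):
    """Split locked files into those with a backup copy and those without."""
    backup_root = Path(backup_root)
    restorable, missing = [], []
    for locked_rel, original_rel in sorted(find_locked(root, marker).items()):
        if (backup_root / original_rel).is_file():
            restorable.append((locked_rel, original_rel))
        else:
            missing.append(locked_rel)
    return restorable, missing


def build_demo(base):
    """Create a constructed sample tree: two locked files, one untouched, one backup."""
    base = Path(base)
    live, backup = base / "live", base / "backup"
    (live / "docs").mkdir(parents=True)
    (backup / "docs").mkdir(parents=True)
    (live / "docs" / "report.docx.sun").write_bytes(b"constructed ciphertext")
    (live / "photo.jpg.sun").write_bytes(b"constructed ciphertext")
    (live / "notes.txt").write_text("untouched")
    (backup / "docs" / "report.docx").write_text("clean copy")
    return live, backup


if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as tmp:
        ok, lost = restore_plan(*build_demo(tmp))
        print("restorable:", ok)
        print("no backup copy:", lost)
```

A legitimate file that happens to end in '.sun' will also be listed, so review the output before deleting or overwriting anything.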

There are, however, basic safety guidelines that could keep the Sun Ransomware from circulating in most circumstances. Conservative password management will prevent criminals from brute-forcing a login and gaining admin privileges. Disabling RDP will deny one of the most natural backdoor attack possibilities. Scanning downloads and leaving scripts and macros inactive will shut off most drive-by-download opportunities.

As the final line of defense, professional anti-malware programs can remove the Sun Ransomware infections or block attempted ones.

The Sun Ransomware is shining its greed down on Windows PCs without illuminating any clues about the difficulty of recovery. But, if its victims are diligent about their backup solutions, it will not make any profit out of its efforts.