SuperB Ransomware
Posted: September 11, 2017
| Threat Level: | 10/10 |
|---|---|
| Infected PCs: | 14 |
| First Seen: | September 13, 2017 |
| Last Seen: | October 21, 2020 |
| OS(es) Affected: | Windows |
The SuperB Ransomware is a Trojan that blocks your files by encrypting them. The Trojan's payload may also include hijacking your desktop's background, creating pop-ups, placing new extensions on your files' names, deleting backups and disabling some security software. Always have backups to keep threats of this category from dealing any permanent damage to the contents of your PC, and use professional anti-malware products for uninstalling the SuperB Ransomware when possible.
Trojans Guaranteeing a Super Time for Your Files
A new campaign for using encryption to extort money from PC users is underway, with a working ransom-processing page that its author is borrowing from the old Cryptorbit Ransomware attacks of three years ago. Malware experts can find no hard evidence that the SuperB Ransomware is an update to the previous threat, whose Web page templates have also been reused in the CryptoBit Ransomware campaign. Despite being a new program, the SuperB Ransomware may retain a very similar capability for encrypting your files.
Threat actors may attach the SuperB Ransomware to email messages, crafting it to look like a workplace document, an invoice, or a news article. They may also circulate it through software piracy-related domains or install it with the help of third parties like the RIG Exploit Kit. After achieving system access, the SuperB Ransomware scans for files that it can encrypt with a cipher malware experts are still identifying, although most file-locking threats use some variation of AES encryption. Any encrypted and locked files are visually identifiable by the '.superB' extension the SuperB Ransomware appends to their names.
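For responders scoping an infection, the '.superB' extension described above can be used to inventory affected files. The following is an added example, not code from this page or from any vendor; the case-insensitive match, the use of modification times as a rough timeline, and the sample tree are assumptions constructed for illustration.

```python
import os
import tempfile
from collections import Counter
from datetime import datetime, timezone
from pathlib import Path

MARKER = ".superb"  # the '.superB' extension from this page, lower-cased


def triage(root):
    """Summarise files under root whose names end in the marker extension."""
    per_dir, original_types, mtimes = Counter(), Counter(), []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(MARKER):  # assumption: ignore case
                continue
            per_dir[dirpath] += 1
            # The marker is appended, so the remaining suffix is the old type.
            stem = name[: -len(MARKER)]
            original_types[Path(stem).suffix.lower() or "(none)"] += 1
            try:
                mtimes.append(os.stat(os.path.join(dirpath, name)).st_mtime)
            except OSError:
                pass  # unreadable or vanished; it is still counted above
    first = datetime.fromtimestamp(min(mtimes), timezone.utc) if mtimes else None
    return {"total": sum(per_dir.values()), "per_dir": dict(per_dir),
            "original_types": dict(original_types), "earliest_mtime_utc": first}


def build_sample(root):
    """Create a constructed sample tree: three marked files, one untouched."""
    files = {"docs/report.docx.superB": 1000000000,
             "docs/budget.xlsx.SUPERB": 1000000100,
             "pics/photo.jpg.superB": 1000000200,
             "docs/notes.txt": 1000000300}
    for rel, mtime in files.items():
        path = Path(root, rel)
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_bytes(b"constructed sample data")
        os.utime(path, (mtime, mtime))


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        print(triage(tmp))
```

The per-directory counts and original file types show which data needs restoring from backup, and the earliest modification time gives a starting point for the incident timeline.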
The SuperB Ransomware also may change the Windows wallpaper to an image it chooses, drop text messages on your desktop, or generate pop-ups in various formats. Ransoming instructions from the SuperB Ransomware redirect any victims to its TOR website, which, as noted earlier, is a clone of the Cryptorbit Ransomware's domain. The threat actors are setting all ransoms to a static payment of three hundred USD, with the Bitcoin currency specified to prevent any refunds from taking place without their permission. As usual, victims are asked to take the risk of paying for a separate decryption service that may not arrive.
A Superb Solution to New File-Locking Threats
While the SuperB Ransomware doesn't drop its decryption component in the same payload as its encryption feature, victims may be able to unlock their files with a third-party application. Help from specialized anti-malware researchers can ascertain whether or not this threat's cipher is capable of being broken by decryption programs that are freely available for downloading. Otherwise, malware experts recommend having backups to recover without the need to decode your files.
The current investigation of the SuperB Ransomware's campaign has yet to confirm which installation exploits its author is using to compromise vulnerable PCs. In addition to disguising the SuperB Ransomware as a non-corrupted file, threat actors also may install the Trojan personally after cracking a server's login credentials or enabling Remote Desktop features. Always allow your anti-malware programs to scan new downloads to identify and remove the SuperB Ransomware immediately and use appropriately secure passwords for cutting the risk of brute-force attacks.
Whether or not your media is worth hundreds of dollars is up to you to decide. However, no matter how expensive or cheap your files are, letting the SuperB Ransomware take control of your digital belongings is an experience that only rewards its extortionists.