
'Supportfriend@india.com' Ransomware

Posted: September 2, 2016

Threat Metric

Threat Level: 10/10
Infected PCs: 86
First Seen: September 2, 2016
OS(es) Affected: Windows


The 'Supportfriend@india.com' Ransomware is a Trojan built from CrySiS, a ransomware kit that remote attackers can pay to use for creating custom, file-encrypting threats. Symptoms of a 'Supportfriend@india.com' Ransomware infection include the presence of ransom instructions, strange extensions on your files, and, most importantly, being unable to use any content affected by the encryption attack. Victims should delete the 'Supportfriend@india.com' Ransomware with advanced anti-malware technology and use free means of data recovery.

A Friend Your PC Should Never Hope to Meet

As anti-malware solutions improve at detecting recent spin-offs of old threats, con artists, too, must update their campaigns and revise their threatening software. The Crysis family is one of the year's most relevant examples of this struggle. Con artists pay a fee to access the CrySiS builder and then create a personal file encryption Trojan, such as the Mailrepa.lotos@aol.com Ransomware, the Gerkaman@aol.com Ransomware, the Masterlock@india.com Ransomware or the 'Supportfriend@india.com' Ransomware.

The 'Supportfriend@india.com' Ransomware is a recent variant whose campaign most likely began in late August, using infection vectors malware researchers have yet to analyze. The 'Supportfriend@india.com' Ransomware uses what are, by now, the standard techniques of its family to scan for files not needed for Windows's stability, including those saved on any removable and remote drives. These files are then encrypted and renamed with a customized ID string, the 'Supportfriend@india.com' Ransomware's e-mail address for ransom-related messages, and the '.xtbl' extension (which Troldesh Ransomware also uses).
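The rename pattern described above can be used to scope the damage before restoring from backup. The following is an added triage example, not part of the original article or any vendor tool: it inventories marked files under a directory and recovers their original names. It assumes the appended suffix is laid out as `.id-<ID>.<email>.xtbl` (the article names the three parts but not their exact layout), and the sample file names are constructed.

```python
import os
import re
import tempfile
from collections import Counter

EMAIL = "supportfriend@india.com"  # contact address named in the article
EXT = ".xtbl"                      # extension named in the article
# Assumption: suffix layout is ".id-<ID>.<email>.xtbl", optionally with braces
# around the address. Names that only loosely match are still flagged below.
SUFFIX = re.compile(
    r"^(?P<original>.+?)\.id-(?P<id>[0-9A-Za-z]+)\.\{?" + re.escape(EMAIL)
    + r"\}?" + re.escape(EXT) + r"$", re.IGNORECASE)

def classify(name):
    """Return (is_marked, original_name_or_None, id_or_None) for one file name."""
    lower = name.lower()
    if not (lower.endswith(EXT) and EMAIL in lower):
        return (False, None, None)
    m = SUFFIX.match(name)
    return (True, m.group("original"), m.group("id")) if m else (True, None, None)

def inventory(root):
    """Walk root and count marked files per directory and per original extension."""
    by_dir, by_ext, ids = Counter(), Counter(), set()
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            marked, original, vid = classify(name)
            if not marked:
                continue
            by_dir[dirpath] += 1
            ext = os.path.splitext(original)[1].lower() if original else "(unknown)"
            by_ext[ext or "(none)"] += 1
            ids.update([vid] if vid else [])
    return {"total": sum(by_dir.values()), "by_dir": by_dir, "by_ext": by_ext, "ids": ids}

def demo():
    """Build a constructed sample tree (empty files, made-up names) and inventory it."""
    names = ["docs/report.docx.id-AB12CD34.Supportfriend@india.com.xtbl",
             "docs/notes.txt", "pics/other.png.xtbl",
             "pics/cat.jpg.id-AB12CD34.{supportfriend@india.com}.xtbl"]
    with tempfile.TemporaryDirectory() as root:
        for rel in names:
            path = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            open(path, "w").close()
        return inventory(root)

if __name__ == "__main__":
    result = demo()
    print(result["total"], dict(result["by_ext"]), result["ids"])
```

The per-extension and per-directory counts show which backup sets need to be restored; the script only reads file names and does not modify or decrypt anything.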

After these attacks, the 'Supportfriend@india.com' Ransomware creates encryption warning messages that include recommendations on transferring ransom money in return for getting access to the con artists' decryption program. Before considering paying, readers should be aware that con artists affiliated with the 'Supportfriend@india.com' Ransomware's family have histories of taking money without delivering any decryption help, leaving the victim poorer and, still, the owner of encrypted files.

Trimming a Trojan Family of Digital Extortionists

Because decryption solutions for the Crysis Ransomware variants are limited, the most important data protection strategy malware experts can recommend is keeping backups. By backing your information up to a source not accessible to the 'Supportfriend@india.com' Ransomware, you can disinfect your PC and restore any encrypted content without needing to break the Trojan's cipher. In the case of other families of similar threats, the PC security sector often provides free decryption programs, although relying on them too heavily is not recommended.

The symptoms of 'Supportfriend@india.com' Ransomware infections are most obviously discernible after the encryption damage takes place. To prevent it, avoid the common vulnerabilities abused by threat actors associated with the Crysis Ransomware, of which e-mail attachments are, overall, the most significant. Keeping anti-malware solutions with system monitoring features can also assist with detecting or deleting the 'Supportfriend@india.com' Ransomware, which is a memory-persistent threat that auto-launches with each reboot.

The 'Supportfriend@india.com' Ransomware is part of a well-analyzed family of threats, but preventing the infection remains the best chance a potential victim has to avoid a ransom scenario. If any of your files have a financial value, spending the time to keep them protected can save you from the catch-22 situation of having to trust a con artist with your money or writing off your content.
