
TechandStrat Ransomware

Posted: November 3, 2020

The TechandStrat Ransomware is a Windows file-locking Trojan and an update of the Wacatac Ransomware (or DeathRansomware Ransomware). Unlike early versions of that Trojan, the TechandStrat Ransomware can securely encrypt and block media files, along with issuing ransom demands to victims. Robust anti-malware tools may delete the TechandStrat Ransomware, but users may need backups for restoring the lost content.

Meaningful Add-Ons to Experimental Trojans

Although updates have left it unrecognizable as a descendant of its ancestor, a new version of the DeathRansomware Ransomware (also known as the Wacatac Ransomware) is out in the wild. The TechandStrat Ransomware changes the Trojan's ransom note and cosmetic symptoms almost in their entirety. What's even worse, though, is that it shores up the Wacatac Ransomware's most significant weakness by adding a functional data-blocking method.

The TechandStrat Ransomware locks files through RSA-secured AES encryption, a traditional but effective method for most threats of this classification. Once it completes the attack, blocking documents, pictures, and other digital media formats, it appends a generic 'crypted' extension that lets victims know which files can't open. An additional language-detection feature may also prevent the TechandStrat Ransomware from installing itself on unwanted user systems (such as Russia-based PCs) or assist with delivering appropriate ransom notes.

For the moment, malware experts only see one ransom note from the TechandStrat Ransomware in English. This text message is different from the first ones by Wacatac Ransomware and asks for e-mail negotiations over data recovery. The threat actor is unexpectedly miserly with the 'free demonstration' option and only offers one free file for unlocking.

The Proper Tech Strategies against Trojan Updates

While early releases of the Wacatac Ransomware were negligible threats to data, the TechandStrat Ransomware is just as capable of sabotaging files as well-known Ransomware-as-a-Service families like the Dharma Ransomware. Its note implies that the campaign targets business entities' servers or networks, including virtual machine (VM) environments. However, only Windows systems are at risk.

Admins should choose passwords strong enough to keep attackers from brute-forcing their way into accounts. Malware experts also recommend paying attention to archetypal infection vectors like e-mail-attached documents or spreadsheets, including ones with embedded macros or advanced content. Users who leave these features inactive and maintain up-to-date software are less at risk from drive-by-download exploits.

Whether at home or in a work environment, all users should back their work up to secure recovery locations. Paying the TechandStrat Ransomware's ransom may not provide any corresponding recovery assistance. Security products should quickly delete the TechandStrat Ransomware but can't break secure encryption to unlock the media.
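As an added example (not code from the original article), the Python sketch below walks a directory tree for files carrying the appended 'crypted' extension and reports which of them still have an unlocked copy of the original in a backup location. The `.crypted` spelling of the suffix, the function names, and the sample file tree are assumptions constructed for illustration.

```python
import os
import tempfile
from pathlib import Path

# Assumption: the extension is appended as ".crypted" after the original
# file name; the article only describes it as a 'crypted' extension.
LOCKED_SUFFIX = ".crypted"


def triage_locked_files(root, backup_root, suffix=LOCKED_SUFFIX):
    """Return (recoverable, missing) for locked files found under root.
    recoverable maps locked path -> backup path of the original name."""
    root, backup_root = Path(root), Path(backup_root)
    recoverable, missing = {}, []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(suffix) or name.lower() == suffix:
                continue
            locked = Path(dirpath) / name
            # Strip only the appended suffix: report.docx.crypted -> report.docx
            original_rel = locked.relative_to(root).with_name(name[: -len(suffix)])
            candidate = backup_root / original_rel
            # An empty or absent backup copy does not count as recoverable.
            if candidate.is_file() and candidate.stat().st_size > 0:
                recoverable[str(locked)] = str(candidate)
            else:
                missing.append(str(locked))
    return recoverable, sorted(missing)


def build_constructed_sample(base):
    """Create a constructed (not real) live tree and backup tree."""
    live, backup = Path(base) / "live", Path(base) / "backup"
    for rel in ("docs/report.docx.crypted", "pics/photo.jpg.crypted", "docs/notes.txt"):
        p = live / rel
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_bytes(b"constructed sample bytes")
    good = backup / "docs/report.docx"
    good.parent.mkdir(parents=True, exist_ok=True)
    good.write_bytes(b"constructed backup copy")
    return live, backup


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        live, backup = build_constructed_sample(tmp)
        ok, lost = triage_locked_files(live, backup)
        print(f"{len(ok)} recoverable from backup, {len(lost)} without backup")
```

Run it against a read-only mount or copy of the affected volume, and only after the Trojan itself has been removed, so the backup location is not exposed to the same attack.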

It's not surprising that the new version of the Wacatac Ransomware boasts the elements of attack that the original builds lacked. The TechandStrat Ransomware's encryption might be as standard as it gets but is nonetheless a powerful weapon against those without alternative storage options for what's valuable on their PCs.
