'.uk-dealer@sigaint.org File Extension' Ransomware
Posted: February 3, 2017
Threat Metric
| Ranking: | 7,593 |
|---|---|
| Threat Level: | 8/10 |
| Infected PCs: | 389 |
| First Seen: | February 3, 2017 |
| Last Seen: | October 15, 2023 |
| OS(es) Affected: | Windows |
The '.uk-dealer@sigaint.org File Extension' Ransomware is a variant of the Jigsaw Ransomware, a Trojan that can lock your files by encrypting them and can also delete them. You can limit the damage from the '.uk-dealer@sigaint.org File Extension' Ransomware's payload by keeping backups outside the reach of the infection. Because this threat can remain active and cause further issues, victims should respond quickly by deleting the '.uk-dealer@sigaint.org File Extension' Ransomware with a proven anti-malware solution.
The Jigsaw Ransomware Campaign is Forming a New Picture
After initially drawing cyber-journalism attention with its propensity for deleting files, the Jigsaw Ransomware became a less-examined threat in the threat black market than larger Trojan families like the Crysis Ransomware. However, malware analysts sometimes see new builds and forks of the Jigsaw Ransomware, such as the '.uk-dealer@sigaint.org File Extension' Ransomware. As its new name indicates, this Trojan uses a new extension to mark any files it locks, but it seems to be primarily an update to its ransoming and communications infrastructure.
Threat actors may introduce the '.uk-dealer@sigaint.org File Extension' Ransomware to your system by disguising it as a fake Bitcoin-mining application or attaching it to spam e-mails. Immediate symptoms of an infection may include:
- The '.uk-dealer@sigaint.org File Extension' Ransomware may encrypt dozens of different file types, including documents, compressed archives, spreadsheets and PowerPoint presentations. Besides identifying the locked files by their new extension, you also can browse the text-based list that the Trojan drops (\System32Work\EncryptedFiles.txt).
- You also may see a pop-up (most, but not all, previous samples of this family use graphics themed after the Saw movie franchise) informing you of the first attack. The '.uk-dealer@sigaint.org File Extension' Ransomware can request a ransom, most often in Bitcoins, to recover your files. The same window also may include an hourly countdown timer until the '.uk-dealer@sigaint.org File Extension' Ransomware automatically deletes some of the enciphered content.
- The '.uk-dealer@sigaint.org File Extension' Ransomware also may delete files every time you restart your computer.
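For triage, the two file-level symptoms above (the marker extension and the dropped text list) can be cross-checked to see which listed files are still on disk and which are already gone. This is an added example, not code from the original page or from any vendor tool. It assumes the list holds one file path per line, and the caller supplies the scan root and the full path to the list, since the page gives only the partial location.

```python
import os
import tempfile
from pathlib import Path

MARKER = ".uk-dealer@sigaint.org"  # extension named on this page

def find_marked_files(root):
    """Return sorted paths under root whose names end with the marker extension."""
    hits = []
    for dirpath, _dirs, files in os.walk(root, onerror=lambda e: None):
        for name in files:
            if name.lower().endswith(MARKER):
                hits.append(os.path.join(dirpath, name))
    return sorted(hits)

def read_drop_list(list_path):
    """Parse the dropped text list. Assumed format: one file path per line."""
    try:
        text = Path(list_path).read_text(encoding="utf-8", errors="replace")
    except OSError:  # list absent or unreadable: treat as empty
        return []
    return [line.strip() for line in text.splitlines() if line.strip()]

def triage(root, list_path):
    """Compare disk with the list; an entry may be the original or renamed path."""
    on_disk = find_marked_files(root)
    listed = read_drop_list(list_path)
    present, missing = [], []
    for entry in listed:
        candidates = {entry, entry + MARKER}
        (present if any(os.path.exists(c) for c in candidates) else missing).append(entry)
    known = {os.path.normcase(p) for e in listed for p in (e, e + MARKER)}
    unlisted = [p for p in on_disk if os.path.normcase(p) not in known]
    return {"on_disk": on_disk, "listed_present": present,
            "listed_missing": missing, "unlisted": unlisted}

def demo():
    """Run triage on a constructed sample tree and list (no real infection data)."""
    with tempfile.TemporaryDirectory() as tmp:
        docs = Path(tmp, "docs")
        docs.mkdir()
        (docs / ("report.docx" + MARKER)).write_bytes(b"x")  # listed, still present
        (docs / ("notes.txt" + MARKER)).write_bytes(b"x")    # marked but not listed
        (docs / "clean.txt").write_bytes(b"x")               # untouched file
        lst = Path(tmp, "EncryptedFiles.txt")
        lst.write_text(f"{docs / 'report.docx'}\n{docs / 'budget.xlsx'}\n", encoding="utf-8")
        return {k: [os.path.basename(p) for p in v] for k, v in triage(tmp, lst).items()}

if __name__ == "__main__":
    print(demo())
```

Entries reported under `listed_missing` are files the list records but that no longer exist under either name, so they have to come from backup rather than from decryption.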
A Low-Cost Resolution for Puzzling Trojans
While most file-encrypting Trojans try to remove local backups, the '.uk-dealer@sigaint.org File Extension' Ransomware and other Jigsaw Ransomware variants are notable for regularly erasing the encrypted files themselves. Victims should avoid rebooting their PCs unless necessary. They also can use alternate restart options, such as Safe Mode, to prevent the '.uk-dealer@sigaint.org File Extension' Ransomware from launching and renewing its attacks.
While malware researchers always encourage backing up data you don't want to lose, the '.uk-dealer@sigaint.org File Extension' Ransomware's family does have a working freeware decryptor. Any encrypted data should be unlockable without paying the ransom that the Trojan's pop-up demands. PCs with active anti-malware protection also can delete the '.uk-dealer@sigaint.org File Extension' Ransomware before its installation routine completes.
As long as old methods of attack continue working, con artists have no motivation to do anything more than rehash old Trojans. Until most PC users learn to make full use of backup strategies, the '.uk-dealer@sigaint.org File Extension' Ransomware and other Jigsaw Ransomware relatives are going to be lucrative parts of the threat marketplace.