UselessFiles Ransomware

Posted: May 2, 2018

The UselessFiles Ransomware is a file-locker Trojan that uses encryption to stop your documents and other files from opening. Its attacks can cause potentially permanent loss of data and include attempted extortion via pop-up warnings. Always save backups of your media to reduce the risk from threats of this category, and have anti-malware protection available for deleting the UselessFiles Ransomware or stopping its installation.

Extensions Have Never Been this Honest

Ongoing threat analyses in the cyber-security industry are turning up another file-locking Trojan, the UselessFiles Ransomware, whose campaign may just be starting up, with making Bitcoins as its goal. The threats responsible for dropping it use multiple means of concealing their identities, both from PC users and from some forms of threat analysis, and an infection is unlikely to issue a consent prompt during the installation. After installing, the UselessFiles Ransomware commits encryption-based attacks against a variety of digital media formats, locking them.

The UselessFiles Ransomware is not a self-evident member of families like the 'freeware' Hidden Tear or the Ransomware-as-a-Service enterprise Crysis Ransomware, but it does recycle old ransoming instructions from other campaigns. The UselessFiles Ransomware locks an unidentified range of formats, such as Word documents, Excel spreadsheets, or JPG pictures, and appends the '.UselessFiles' extension to each file's name (for instance: 'meadow.jpg.UselessFiles'). The cryptography algorithm may or may not be decryptable for free, and malware experts have yet to determine its security, or whether the UselessFiles Ransomware is using an asymmetric or symmetric method.

The UselessFiles Ransomware also runs an advanced HTML application for creating a pop-up warning to its victims. The message carries instructions on paying three hundred USD, in Bitcoins, to a customized wallet address for the UselessFiles Ransomware's decryption solution. Victims should remember that paying Bitcoins doesn't necessarily oblige the threat actor to provide a file-unlocking key or application, and that many forms of encryption aren't breakable.

Keeping What's Useless Off Your Computer

The threats distributing the UselessFiles Ransomware are Trojan droppers that fake being native components of the Windows operating system (in all cases, so far, 'explorer.exe'). This disguise includes additional, false file data attributing the associated software to Microsoft. While these bogus credentials don't protect it against any cyber-security software, the UselessFiles Ransomware and its related Trojans also include some code obfuscation and packing techniques.
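The two indicators described above, the appended '.UselessFiles' extension and a dropper posing as 'explorer.exe', can be checked during triage. The following is an added example, not code from this article or from any vendor: the sample paths and process records are constructed, the function names are hypothetical, and it assumes the genuine explorer.exe runs only from the Windows directory or its SysWOW64 subfolder. Because the dropper's file data falsely names Microsoft, the check relies on the image path rather than on version information.

```python
import ntpath
from collections import Counter

LOCKED_SUFFIX = ".uselessfiles"  # extension named in the article, matched case-insensitively

def locked_files(paths):
    """Map each locked path to the file's original name (suffix stripped)."""
    hits = {}
    for p in paths:
        name = ntpath.basename(p)
        if name.lower().endswith(LOCKED_SUFFIX) and len(name) > len(LOCKED_SUFFIX):
            hits[p] = name[:-len(LOCKED_SUFFIX)]
    return hits

def impact_by_type(hits):
    """Count locked files per original extension to scope the restore from backup."""
    return Counter(ntpath.splitext(orig)[1].lower() or "(none)"
                   for orig in hits.values())

def suspicious_explorer(processes, windir=r"C:\Windows"):
    """Return processes named explorer.exe whose image is outside the expected paths."""
    # Assumption: only these two locations hold the genuine binary.
    expected = {ntpath.normcase(ntpath.join(windir, "explorer.exe")),
                ntpath.normcase(ntpath.join(windir, "SysWOW64", "explorer.exe"))}
    return [p for p in processes
            if ntpath.basename(p["image"]).lower() == "explorer.exe"
            and ntpath.normcase(ntpath.normpath(p["image"])) not in expected]

# Constructed sample data (not taken from a real incident).
SAMPLE_PATHS = [
    r"C:\Users\a\Pictures\meadow.jpg.UselessFiles",
    r"C:\Users\a\Pictures\beach.JPG.UselessFiles",
    r"C:\Users\a\Documents\budget.xlsx.uselessfiles",
    r"C:\Users\a\Documents\letter.docx.UselessFiles",
    r"C:\Users\a\Documents\report.docx",
]
SAMPLE_PROCS = [
    {"pid": 4012, "image": r"C:\Windows\explorer.exe"},
    {"pid": 5300, "image": r"C:\WINDOWS\Explorer.EXE"},
    {"pid": 5120, "image": r"C:\Users\a\AppData\Roaming\explorer.exe"},
]

if __name__ == "__main__":
    hits = locked_files(SAMPLE_PATHS)
    print("locked files:", len(hits), dict(impact_by_type(hits)))
    for proc in suspicious_explorer(SAMPLE_PROCS):
        print("explorer.exe outside Windows directory:", proc["pid"], proc["image"])
```

In practice the path list would come from a directory walk and the process records from an endpoint tool's process inventory.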

PC users wanting to keep their files from being locked by the UselessFiles Ransomware should back them up to an appropriate storage drive and update the databases of all their security solutions for detecting the Trojan as soon as possible. Circulation methods for this threat's campaign may run from spam e-mails to targeted, brute-force attacks, as well as exploit kits or infected torrents. As of early May, a substantial minority of anti-malware applications are deleting the UselessFiles Ransomware, and its Trojan droppers, accurately.

Malware analysts have yet to finish gathering evidence of the overall context around the UselessFiles Ransomware's campaign. Its threat actors may be new to the threatening software industry, or they may be experienced con artists rotating to a new Trojan for sidestepping threat detection metrics. The UselessFiles Ransomware's origin is less important than its existence as an overall reminder that it's not safe to stop backing up your work and protecting your computer from mislabeled files.