Verrouille Ransomware
Posted: March 29, 2017
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Threat Level: | 8/10 |
---|---|
Infected PCs: | 7,221 |
First Seen: | March 29, 2017 |
---|---|
Last Seen: | June 23, 2022 |
OS(es) Affected: | Windows |
The Verrouille Ransomware (or 'Locked' Ransomware) is a Trojan that tries to ransom your files by encrypting them and selling you the decryption solution. Symptoms of its attacks can impede other recovery actions by locking you out of other software or the Windows user interface. Numerous anti-malware products should be able to remove the Verrouille Ransomware after detecting it immediately, even though recovering all locked files may require a remote backup or other solutions.
Trojans Putting Time Pressure on Again, and Again
The relative success of the Jigsaw Ransomware and its fellow variants is leading to threat actors experimenting with similar ways of pressuring their victims with a limited time to respond. While not a direct relative, the new Verrouille Ransomware uses similar social engineering tactics to coerce you into paying money to unlock your files and desktop. PC users who choose to ignore the Verrouille Ransomware's warnings and take no further actions may find that the contents of their PCs are being deleted, one file at a time.
Malware experts have seen different releases of the Verrouille Ransomware in both French and English, although some samples show evidence of a buggy behavior, such as server networking errors. Working versions of the Verrouille Ransomware will encrypt files on your PC based on either their formats, such as DOC, or their locations, such as the Users directory. The Verrouille Ransomware, then, generates a semi-interactive pop-up showing its ransom demands for your encoded and unusable files.
Both language versions of the Verrouille Ransomware show the same message: instructions for purchasing and transferring Bitcoins to the threat actor, after which you can click on the window's 'verify' button to remove the threat and decode your media. Malware experts also are seeing a companion message alongside the ransom demand that forms the Verrouille Ransomware's most distinctive feature: a ten-minute timer. The Verrouille Ransomware deletes an arbitrary encrypted file every time this cycling countdown hits zero.
Opting out of Your Ten-Minutes Penalty
With the long-term safety of your files being up to responding quickly to extortion, and the rest of your PC's UI blocked by its message window, the Verrouille Ransomware locks down the infected system for profit efficiently. Malware analysts recommend defeating this increasingly common combination of attacks and social engineering manipulation by disabling the Verrouille Ransomware, such as by rebooting directly from your USB drive, before taking other recovery steps.
The anti-malware sector often develops freeware tools that can decrypt major families of file-encrypting Trojans like the Verrouille Ransomware. Despite that possibility, the Verrouille Ransomware is still under investigation for the possibility of decoding, which always is inferior in reliability, compared to having a backup available. Only fully delete the Verrouille Ransomware with your anti-malware software of choice after making a decision about how you intend to save any encrypted content. In the meantime, most security solutions can quarantine the Verrouille Ransomware safely.
With this Trojan's linguistic features taking precedence over the integrity of its remote ransom-tracking servers apparently, the Verrouille Ransomware's authors may be getting ahead of themselves. Readers can hope that this campaign will stay buggy, but should back up their files, regardless.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.