'wuciwug File Extension' Ransomware

Posted: January 18, 2017

Threat Metric

Threat Level: 8/10
Infected PCs: 14
First Seen: January 18, 2017
OS(es) Affected: Windows

The '.wuciwug File Extension' Ransomware is a variant of the Globe3 Ransomware, a Trojan that blocks your files by encrypting their data with an AES cipher. In theory, victims could pay the ransom money the '.wuciwug File Extension' Ransomware asks for to unlock that content, although free solutions usually are available and always are preferable. Malware experts still judge most anti-malware programs able to delete the '.wuciwug File Extension' Ransomware accurately, as with other members of the same family.

The Principle of 'What You See is What You Get' Turned to Extortion

Third-party security researchers recently found a new release from the Globe3 Ransomware branch of file-encrypting threats, which malware experts previously took notice of for the improvements to its encryption algorithm. The new Trojan, the '.wuciwug File Extension' Ransomware, drops a new ransom message and uses a new extension for any files that it blocks. Its threat actor most likely is deploying it as a new revenue source for a Bitcoin wallet, rather than as a technical improvement to the Globe Ransomware family.

Although the types of files under attack by the '.wuciwug File Extension' Ransomware are awaiting verification, the Trojan is capable of blocking documents, images, spreadsheets, databases, and other data associated with media or work content. Since the original builder is the Globe3 Ransomware, the '.wuciwug File Extension' Ransomware uses AES-256 instead of Blowfish, meaning that old decryption solutions can't help unlock the files. Any content so encrypted is identifiable by the '.wuciwug' extension that the Trojan appends after the original one (assuming that the user enables visible extensions in filenames).

The '.wuciwug File Extension' Ransomware also creates a ransom message on your desktop with the '.jjj' extension, although no major format changes are otherwise evident. The threat actors make what malware experts regard as the standard demand: a Bitcoin payment to a wallet address, after which they may or may not give you a file decryptor via e-mail.
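As an added example (not part of the original article and not any vendor's tool), this Python script inventories files carrying the appended '.wuciwug' extension and '.jjj' ransom-message candidates, so that the affected originals can be matched against backups. The sample directory tree and all file names in it are constructed for the demonstration.

```python
import os
import tempfile
from collections import Counter
from pathlib import Path

ENCRYPTED_SUFFIX = ".wuciwug"  # appended after the original extension (from the page)
NOTE_SUFFIX = ".jjj"           # extension of the ransom message (from the page)

def triage(root):
    """Inventory renamed files and ransom-note candidates under root."""
    renamed, notes, by_type, dirs = [], [], Counter(), Counter()
    for dirpath, _subdirs, files in os.walk(root):
        for name in files:
            lower = name.lower()  # Windows file names are case-insensitive
            if lower.endswith(ENCRYPTED_SUFFIX):
                original = name[: -len(ENCRYPTED_SUFFIX)]
                by_type[Path(original).suffix.lower() or "(none)"] += 1
                dirs[dirpath] += 1
                # Record whether an untouched copy with the original name survives.
                survives = (Path(dirpath) / original).is_file()
                renamed.append({"path": str(Path(dirpath) / name),
                                "restore_as": original,
                                "original_present": survives})
            elif lower.endswith(NOTE_SUFFIX):
                notes.append(str(Path(dirpath) / name))
    return {"renamed": renamed, "notes": notes,
            "by_type": dict(by_type), "dirs": dict(dirs)}

def demo():
    """Run triage over a constructed sample tree (file names are made up)."""
    with tempfile.TemporaryDirectory() as root:
        sample = ["Documents/report.docx.wuciwug",
                  "Documents/budget.XLSX.WUCIWUG",
                  "Documents/budget.XLSX",   # untouched copy still on disk
                  "Pictures/photo.jpg.wuciwug",
                  "Pictures/untouched.png",
                  "Desktop/note.jjj"]        # constructed note name
        for rel in sample:
            target = Path(root) / rel
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_bytes(b"constructed sample data")
        return triage(root)

if __name__ == "__main__":
    result = demo()
    print(len(result["renamed"]), "renamed files;", len(result["notes"]), "note candidates")
    for ext, count in sorted(result["by_type"].items()):
        print(f"  {ext}: {count}")
```

The `restore_as` names are the ones to look up in a backup set, and the per-type counts show which kinds of data were hit.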

Guaranteeing that What You See on Your Hard Drive is What You've Got

Despite the apparent straightforwardness of its ransoming demands, the '.wuciwug File Extension' Ransomware benefits from using cryptocurrency payments that the victim can't cancel, in case the threat actor doesn't act in good faith. Various cyber security companies do offer decryption assistance for this family, including the Globe3 Ransomware variants like the '.wuciwug File Extension' Ransomware, making those recovery alternatives both cheaper and more dependable. However, the specter of permanent file damage always forces malware experts to recommend that PC users with any one-of-a-kind data save it to a safe backup.

The '.wuciwug File Extension' Ransomware shows no improvements to its code obfuscation or other defenses, and, in fact, has notably poor rates of avoiding detection by major anti-malware brands. Let your anti-malware programs update themselves when prompted and give them opportunities to analyze any suspicious new files, such as e-mail attachments that may use inaccurate extensions or icons. Removing the '.wuciwug File Extension' Ransomware in this manner beforehand offers a far less arduous disinfection process than one involving the attempted recovery of any encrypted information.

The name of the Globe Ransomware is holding fast as a black market favorite, and, as long as that's true, taking extra care with securing your data can't help but be a good thing against Trojans like the '.wuciwug File Extension' Ransomware.