'Your Files Have Been Blocked' Ransomware

Posted: June 7, 2017

'Your Files Have Been Blocked' Ransomware Description

The 'Your Files Have Been Blocked' Ransomware is a Trojan that may lock your files or add new extensions to their names. Its attacks include a pop-up asking for ransom payments to unlock your content, although victims should know that malware experts are rating its decryption feature as being non-functional. Anti-malware programs may be able to block or uninstall the 'Your Files Have Been Blocked' Ransomware, and backups can help you restore your content with as little trouble as possible.

When Trojans Shoot Their Hostages and Lie about It

The basic outline of file encryption-based extortion campaigns always includes at least one stage of convincing the victims that the best way to recover their data is to pay the con artist. Such social engineering strategies can differ in how much or what kinds of pressure they use to incite a profitable reaction drastically, but, usually, involve a given amount of lying. The 'Your Files Have Been Blocked' Ransomware, a recent file-encrypting threat identified by malware experts, is a stranger case, thanks to its dishonesty being unintentional partially.

The fundamentals of the 'Your Files Have Been Blocked' Ransomware's attacks are similar to those of other file-encrypting threats from families like Hidden Tear, even though malware experts don't see connections between this Trojan and previous ones. The 'Your Files Have Been Blocked' Ransomware locks different files on your PC (excluding EXE and LNK) with an encryption algorithm, and includes cosmetic name changes that insert '.lock' extensions after the original ones.

After blocking your files, to motivate the ransom payments it demands, the 'Your Files Have Been Blocked' Ransomware loads a pop-up window that explains its attack. The Trojan's author, self-named as Kamil, asks for 50 Bitcoins to decrypt the media, making it a campaign targeting smaller systems than traditional business servers. However, malware experts noted significant bugs in the 'Your Files Have Been Blocked' Ransomware's code that will prevent the decryptor from working, making paying a futile solution.

Getting Past a Lock that will not Accept Premium Keys

Future recovery possibilities versus the 'Your Files Have Been Blocked' Ransomware depend on what actions Kamil takes for updating the Trojan. If its decryption bugs are corrected, waiting three hours and clicking the decryptor four times may let you decode your files without paying. More reliable ways of recovering content include using the free decryption tools that the anti-malware industry provides or reverting to your last backup. Because Bitcoin transactions don't use standard refund protections, malware experts advise engaging in them in these scenarios, or whenever the recipient isn't trustworthy implicitly.

The 'Your Files Have Been Blocked' Ransomware may try to install itself through email attachments, exploit kits hosted on a compromised site, or by bundling with other programs. Security software in general and anti-malware products in specific can protect your PC from most of these attacks. Preventing the encryption by deleting the 'Your Files Have Been Blocked' Ransomware right away always is less arduous than undertaking a complete recovery process, which can encompass a rich range of data types, and use complex (and sometimes, unbreakable) ciphers.

The 'Your Files Have Been Blocked' Ransomware seems to be an independent program with no links to Hidden Tear or other Trojan groups that are prominent in 2017. Its relative simplicity doesn't convert into safety for a victim directly, and, in fact, can even be more detrimental than the payload of a Trojan that's working as its author intends.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to 'Your Files Have Been Blocked' Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Home Malware Programs Ransomware 'Your Files Have Been Blocked' Ransomware

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.