'Your Files Have Been Blocked' Ransomware

The 'Your Files Have Been Blocked' Ransomware is a Trojan that may lock your files or add new extensions to their names. Its attacks include a pop-up asking for ransom payments to unlock your content, although victims should know that malware experts are rating its decryption feature as being non-functional. Anti-malware programs may be able to block or uninstall the 'Your Files Have Been Blocked' Ransomware, and backups can help you restore your content with as little trouble as possible.

When Trojans Shoot Their Hostages and Lie about It

The basic outline of file encryption-based extortion campaigns always includes at least one stage of convincing the victims that the best way to recover their data is to pay the con artist. Such social engineering strategies can differ in how much or what kinds of pressure they use to incite a profitable reaction drastically, but, usually, involve a given amount of lying. The 'Your Files Have Been Blocked' Ransomware, a recent file-encrypting threat identified by malware experts, is a stranger case, thanks to its dishonesty being unintentional partially.

The fundamentals of the 'Your Files Have Been Blocked' Ransomware's attacks are similar to those of other file-encrypting threats from families like Hidden Tear, even though malware experts don't see connections between this Trojan and previous ones. The 'Your Files Have Been Blocked' Ransomware locks different files on your PC (excluding EXE and LNK) with an encryption algorithm, and includes cosmetic name changes that insert '.lock' extensions after the original ones.

After blocking your files, to motivate the ransom payments it demands, the 'Your Files Have Been Blocked' Ransomware loads a pop-up window that explains its attack. The Trojan's author, self-named as Kamil, asks for 50 Bitcoins to decrypt the media, making it a campaign targeting smaller systems than traditional business servers. However, malware experts noted significant bugs in the 'Your Files Have Been Blocked' Ransomware's code that will prevent the decryptor from working, making paying a futile solution.

Getting Past a Lock that will not Accept Premium Keys

Future recovery possibilities versus the 'Your Files Have Been Blocked' Ransomware depend on what actions Kamil takes for updating the Trojan. If its decryption bugs are corrected, waiting three hours and clicking the decryptor four times may let you decode your files without paying. More reliable ways of recovering content include using the free decryption tools that the anti-malware industry provides or reverting to your last backup. Because Bitcoin transactions don't use standard refund protections, malware experts advise engaging in them in these scenarios, or whenever the recipient isn't trustworthy implicitly.

The 'Your Files Have Been Blocked' Ransomware may try to install itself through email attachments, exploit kits hosted on a compromised site, or by bundling with other programs. Security software in general and anti-malware products in specific can protect your PC from most of these attacks. Preventing the encryption by deleting the 'Your Files Have Been Blocked' Ransomware right away always is less arduous than undertaking a complete recovery process, which can encompass a rich range of data types, and use complex (and sometimes, unbreakable) ciphers.

The 'Your Files Have Been Blocked' Ransomware seems to be an independent program with no links to Hidden Tear or other Trojan groups that are prominent in 2017. Its relative simplicity doesn't convert into safety for a victim directly, and, in fact, can even be more detrimental than the payload of a Trojan that's working as its author intends.