Home Malware Programs Ransomware YOUR_LAST_CHANCE Ransomware

YOUR_LAST_CHANCE Ransomware

Posted: July 18, 2019

The YOUR_LAST_CHANCE Ransomware is a file-locking Trojan that can block your documents, pictures, spreadsheets and other media by encrypting it. The YOUR_LAST_CHANCE Ransomware payload includes creating Notepad ransoming messages that ask for negotiations through Jabber or free e-mail accounts. All users should prepare backups that are safe from localized encryption attacks and resolve infections by having a dedicated anti-malware program to remove the YOUR_LAST_CHANCE Ransomware.

The Danger of Leaving Your Media's Safety Up to Chance

One of the quieter families of file-locking Trojans is waking up with a new campaign and, presumably, another threat actor acting as its administrator. The Crypton Ransomware family's Cry36 Ransomware branch is sprouting into the YOUR_LAST_CHANCE Ransomware, another threat that can block digital media and uses the attack for extorting money. Malware experts have yet to lend any clarity on its infection strategies, but they do assert that the Trojan is live and compromising victims in the wild as of mid-July.

The YOUR_LAST_CHANCE Ransomware's signature traits include encryption, which it leverages for stopping the user's documents, pictures, and other, digital media from opening, as well as adding tags onto their names (an ID and the text from the Trojan's name), and creating a ransom note. The last of these symptoms, a plain text message, offers victims three, free e-mails for contacting the criminal and buying his unlocker, which he describes as being a version of the Nemesis Ransomware decryptor. It also offers Jabber support, a la Acton Ransomware or members of the Scarab Ransomware like the 'online24files@airmail.cc' Ransomware.

This family's encryption method is secure against third-party decryption solutions, like many of the more successful, file-locker Trojans of 2019. While malware experts can't confirm the YOUR_LAST_CHANCE Ransomware's deleting backups or the Shadow Volume Copy-related content, users can assume that local backup data is at risk, and should depend on external storage for recovering anything of value.

A Better Kind of Last Chance for Your Files

Saving additional copies of one's work to a secured cloud service or a removable device, such as any USB, is an always-relevant defense against file-locking Trojans from every family, not just the YOUR_LAST_CHANCE Ransomware. There also are cases of Trojans not removing the Shadow Volume Copies, rarely, which facilitates the recovery of your work through Restore Points and data reconstruction utilities. Paying the ransom is not ideal for any users, regardless of the cost, since criminals can take the payment without giving a decryptor back – at no risk of suffering from a refund.

Infection strategies for Trojans of this class tend towards e-mail, for business and government sectors, as well as torrents and website-hosted EKs or Exploit Kits, for casual users. Maintaining suitable security practices for servers, such as turning RDP off, will lessen any chances of an attack. Individuals can keep their systems safer by disabling content like JavaScript and Flash from running in their browsers, using unique login credentials, and opening downloads only after verifying their safety.

Most anti-malware programs can detect threats of this category easily and should remove the YOUR_LAST_CHANCE Ransomware immediately and without requiring any special assistance.

The YOUR_LAST_CHANCE Ransomware could be as much of the last chance for a Trojan family's profit margins as it is one for any victims to re-acquire their media. How much money it sees in its campaign is up to those who choose to back their files up – or not entirely.

Loading...