Home Malware Programs Ransomware Ziggy Ransomware

Ziggy Ransomware

Posted: January 5, 2021

The Ziggy Ransomware is a file-locking Trojan without a related family or Ransomware-as-a-Service. Symptoms of its attacks include files not opening, new extensions on the files that have the Trojan's ransoming credentials, and the appearance of a pop-up with ransoming instructions. Users should let their dedicated security solutions remove the Ziggy Ransomware and, whenever possible, restore their data from a backup instead of paying the ransom.

Words Collected from Out of Other Trojans' Mouths

With samples of its executable file coming in as of the end of 2020, the Ziggy Ransomware is a stereotypical start to the next year. This Trojan is a file-locking threat, similar to countless others, a la Scarab RansomwareDharma Ransomware or NEFILIM Ransomware families. Besides the typical encryption for blockading data, the Ziggy Ransomware is most worth remembering for its offhand theft of a ransom note template from Russia's Scarab Ransomware family, which might result in victims jumping to inaccurate conclusions.

The Ziggy Ransomware is a Windows-based program that conducts the usual file-locking attacks of encrypting users' media, like RTF or DOC documents, JPG or BMP pictures, and Excel spreadsheets and so on. A supplementary aspect is the addition of extensions to these files, including the 'ziggy' string, serial numbers for victims and the attacker's e-mail (for negotiating). Although the campaign depends on monetizing the file decryptor or unlocker for a ransom, the cost isn't known.

The Trojan also uses a particularly hard-to-miss ransom note: an executable component (not to be confused with the Trojan's original EXE) that launches a pop-up with its instructions. The English text is very similar to some branches of Scarab Ransomware's family, with touches that malware experts consider traditional: claims of a generic 'security problem' with the PC, Bitcoin ransom demands and warnings against recovery by other methods.

Tending to Data Loss without Rewarding Hackers for the Trouble

Neglecting a backup is the primary means through users' losing data to file-locking Trojans, whether they're new ones like the Ziggy Ransomware or ones as ancient as Jigsaw Ransomware. Users that often save their work onto other devices can recover without concern for the encryption security or decryptor's cost. Many file-locker Trojans will delete the local Restore Points or encrypt unprotected, network-available storage and users should take these issues into account while preserving their digital media.

Besides confirming its Windows OS requirement, malware experts have little to say concerning its victims' demographics or how the Ziggy Ransomware circulates. Attackers may drop Trojans like this after brute-forcing past a weak password or using exploits on out-of-date server software. Additional infection sources also include torrents, fake software updates from advertising networks and e-mail attachments.

Relatively few cyber-security products are incapable of detecting the vast majority of these threats. Users with sufficient anti-malware protection can use their services for deleting the Ziggy Ransomware on sight without experiencing the full effect of its payload.

The Ziggy Ransomware has no surprises for anyone familiar with the workings of the archetypal file-locking Trojan. Those most likely to 'enjoy' its payload are those who are the least informed, so the Ziggy Ransomware still has a hope of profiteering.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Ziggy Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria .

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.