
Ziggy Ransomware

Posted: January 5, 2021

The Ziggy Ransomware is a file-locking Trojan without a related family or Ransomware-as-a-Service. Symptoms of its attacks include files not opening, new extensions on the files that have the Trojan's ransoming credentials, and the appearance of a pop-up with ransoming instructions. Users should let their dedicated security solutions remove the Ziggy Ransomware and, whenever possible, restore their data from a backup instead of paying the ransom.

Words Collected from Out of Other Trojans' Mouths

With samples of its executable file coming in as of the end of 2020, the Ziggy Ransomware is a stereotypical start to the next year. This Trojan is a file-locking threat, similar to countless others, such as the Scarab Ransomware, Dharma Ransomware or NEFILIM Ransomware families. Besides the typical encryption for blockading data, the Ziggy Ransomware is most worth remembering for its offhand theft of a ransom note template from Russia's Scarab Ransomware family, which might result in victims jumping to inaccurate conclusions.

The Ziggy Ransomware is a Windows-based program that conducts the usual file-locking attacks of encrypting users' media, like RTF or DOC documents, JPG or BMP pictures, Excel spreadsheets and so on. A supplementary aspect is the addition of extensions to these files, including the 'ziggy' string, serial numbers for victims and the attacker's e-mail (for negotiating). Although the campaign depends on monetizing the file decryptor or unlocker for a ransom, the cost isn't known.

The Trojan also uses a particularly hard-to-miss ransom note: an executable component (not to be confused with the Trojan's original EXE) that launches a pop-up with its instructions. The English text is very similar to some branches of Scarab Ransomware's family, with touches that malware experts consider traditional: claims of a generic 'security problem' with the PC, Bitcoin ransom demands and warnings against recovery by other methods.
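For responders scoping a restore from backup, the renaming described above can be used to inventory affected files. The following is an added example, not code from the original article: the sample file names are constructed, and the layout of the appended text (original extension first, then the serial number, e-mail and 'ziggy' string) is an assumption, since the article only lists what the added extensions contain.

```python
import re
from collections import Counter

# Extensions the article names, plus Excel types (assumed here: xls, xlsx).
# Assumption: the Trojan appends its text AFTER the original extension.
ORIGINAL = re.compile(
    r"^(?P<orig>.+?\.(?P<ext>xlsx|xls|rtf|doc|jpg|bmp))(?P<suffix>[^A-Za-z0-9].*)$",
    re.IGNORECASE,
)
MARKER = re.compile(r"ziggy", re.IGNORECASE)
EMAIL = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")

def triage(name):
    """Return details for a renamed file, or None if the name looks untouched."""
    m = ORIGINAL.match(name)
    # The marker must sit in the appended suffix, not in the original base name.
    if not m or not MARKER.search(m["suffix"]):
        return None
    contact = EMAIL.search(m["suffix"])
    return {
        "original": m["orig"],
        "ext": m["ext"].lower(),
        "contact": contact.group(0) if contact else None,
    }

def summarize(names):
    """Group flagged names so a backup restore can be scoped by file type."""
    hits = [h for h in map(triage, names) if h]
    return {
        "restore": sorted(h["original"] for h in hits),
        "by_ext": dict(Counter(h["ext"] for h in hits)),
        "contacts": sorted({h["contact"] for h in hits if h["contact"]}),
    }

# Constructed sample listing (not taken from a real incident).
SAMPLE = [
    "Q4-report.doc.id=[0A1B2C3D].email=[recovery@example.invalid].ziggy",
    "holiday.JPG.id=[0A1B2C3D].email=[recovery@example.invalid].ziggy",
    "budget.xlsx.id=[0A1B2C3D].email=[recovery@example.invalid].ziggy",
    "notes.rtf",                 # untouched file
    "ziggy-stardust-cover.bmp",  # legitimate name containing the word
]

if __name__ == "__main__":
    print(summarize(SAMPLE))
```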

Tending to Data Loss without Rewarding Hackers for the Trouble

Neglecting backups is the primary way that users lose data to file-locking Trojans, whether they're new ones like the Ziggy Ransomware or ones as ancient as Jigsaw Ransomware. Users who often save their work onto other devices can recover without concern for the encryption security or decryptor's cost. Many file-locker Trojans will delete the local Restore Points or encrypt unprotected, network-available storage, and users should take these issues into account while preserving their digital media.

Besides confirming its Windows OS requirement, malware experts have little to say concerning its victims' demographics or how the Ziggy Ransomware circulates. Attackers may drop Trojans like this after brute-forcing past a weak password or using exploits on out-of-date server software. Additional infection sources also include torrents, fake software updates from advertising networks and e-mail attachments.

Most cyber-security products can detect the vast majority of these threats. Users with sufficient anti-malware protection can use their services for deleting the Ziggy Ransomware on sight without experiencing the full effect of its payload.

The Ziggy Ransomware has no surprises for anyone familiar with the workings of the archetypal file-locking Trojan. Those most likely to 'enjoy' its payload are those who are the least informed, so the Ziggy Ransomware still has a hope of profiteering.
