
'.zzzzz File Extension' Ransomware

Posted: November 24, 2016

Threat Metric

Threat Level: 8/10
Infected PCs: 37
First Seen: November 28, 2016
Last Seen: December 2, 2020
OS(es) Affected: Windows

The '.zzzzz File Extension' Ransomware is a new version of the '.locky File Extension' Ransomware, a family of Trojans that encodes your files and sells you the decryption service required for restoring them. The Trojan is already in wide distribution, and PC operators should continue backing up their work and double-checking suspicious webmail attachments. Appropriate anti-malware security protocols can also catch and delete the '.zzzzz File Extension' Ransomware at the outset, sparing you any possibility of file damage.

A Poisonous Holiday Gift for the Boss

The always-prolific '.locky File Extension' Ransomware family of Trojans continues splitting into new versions targeting various businesses throughout the world. Its latest update (following the '.aesir File Extension' Ransomware) is the '.zzzzz File Extension' Ransomware. Although there appears to be some disruption of this threat's network infrastructure, it remains viable as a data-encrypting Trojan able to cause permanent file damage.

Con artists are distributing the '.zzzzz File Extension' Ransomware in spam e-mail campaigns against businesses in Taiwan, the United States, Vietnam and other nations. The spam message disguises itself as a notification from Human Resources regarding receipt issues, with the Trojan dropper for the '.zzzzz File Extension' Ransomware hiding inside of an attached ZIP archive. This attack fits the pattern of the rest of the family, which also uses fake invoice e-mails for infiltrating companies.

When it launches, the JavaScript installer infects the PC with the '.zzzzz File Extension' Ransomware, which begins scanning for any encryption-suitable files on your local and network-accessible drives. Any content that it encrypts (and, therefore, makes unusable) also receives the '.zzzzz' extension appended to its name. The '.zzzzz File Extension' Ransomware uses AES-based encryption, like many file-encryption Trojans, although malware experts note that flaws in the Trojan's C&C infrastructure may mean that its threat actors will not possess the required decryption key.

Sending Another Stab at Data Ransoming Off to the Big Sleep

The '.zzzzz File Extension' Ransomware still displays TXT messages and desktop background-hijacking images that ask for Bitcoins before giving you any data recovery assistance. Between the '.zzzzz File Extension' Ransomware's existing network issues and the tendency for threat actors to take their ransoms and run, submitting to its extortion demands is a high-risk method of restoring any encoded content. For families without any extant, free decryptors, like the '.zzzzz File Extension' Ransomware's group, malware experts advise keeping backups not susceptible to localized Trojan attacks.

Archive compression is a common tactic that con artists exploit to obfuscate threatening software beyond the ability of some anti-malware solutions to detect it. Always verify the identity of archive-stored attachments or attached documents, which are common infection vectors for file-encrypting Trojans of most families, including the '.zzzzz File Extension' Ransomware. Anti-malware solutions may remove the '.zzzzz File Extension' Ransomware, but decryption availability is sometimes uncertain and, in this case, likely to be impossible.
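The delivery chain described above (a ZIP attachment carrying a JavaScript installer) can be screened before a message reaches an inbox. The following is an added example, not code from this article or any vendor: it lists script files inside a ZIP attachment, including ones in nested archives. The function names, the extension list beyond `.js`, the depth and size limits, and the sample archive are all assumptions constructed for illustration.

```python
import io
import zipfile

# The page names a JavaScript installer; the other Windows script types
# listed here are an added assumption.
SCRIPT_EXTS = {".js", ".jse", ".wsf", ".wsh", ".vbs", ".vbe", ".hta"}
MAX_DEPTH = 3            # assumed limit on nested archives
MAX_INNER = 10_000_000   # assumed size limit for unpacking a nested archive

def flag_script_members(data, depth=0, prefix=""):
    """Return paths of script files (and unreadable nested archives) in a ZIP."""
    hits = []
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return hits  # not a ZIP: nothing to report
    with zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            path = prefix + info.filename
            # Windows ignores trailing dots and spaces, so strip them first.
            name = info.filename.lower().rstrip(". ")
            ext = "." + name.rsplit(".", 1)[-1] if "." in name else ""
            if ext in SCRIPT_EXTS:
                hits.append(path)  # catches double extensions such as .pdf.js
            elif ext == ".zip" and depth < MAX_DEPTH and info.file_size <= MAX_INNER:
                try:
                    inner = zf.read(info)
                except (RuntimeError, zipfile.BadZipFile):  # encrypted or corrupt
                    hits.append(path + " (unreadable nested archive)")
                    continue
                hits.extend(flag_script_members(inner, depth + 1, path + "!"))
    return hits

def build_sample():
    """Constructed sample attachment; members hold harmless placeholder text."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as z:
        z.writestr("Receipt_0042.pdf.JS", "// constructed placeholder")
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as z:
        z.writestr("readme.txt", "see attached receipt")
        z.writestr("scan.zip", inner.getvalue())
        z.writestr("HR_receipt.js", "// constructed placeholder")
    return outer.getvalue()

if __name__ == "__main__":
    print("\n".join(flag_script_members(build_sample())))
```

A mail filter would quarantine any attachment for which the returned list is not empty.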

As the upcoming holidays result in increased activity for both businesses and the people that prey on them, individual workers will need to continue exercising good judgment to keep the '.zzzzz File Extension' Ransomware from becoming a problem.
