JB88 Ransomware

Posted: September 29, 2020

JB88 Ransomware Description

The JB88 Ransomware is a file-locking Trojan that's part of the AES-Matrix Ransomware family. The JB88 Ransomware blocks media files like documents with encryption and deletes their backups while holding them hostage. Anti-malware products should stop infections and remove the JB88 Ransomware, whereas offsite backups can help recover any data.

A Targeted Trojan is Back for More Ransoms

The proliferation of variants with different extensions and names may be more generous with Ransomware-as-a-Services like the Dharma Ransomware family. Still, a smaller size doesn't stop the AES-Matrix Ransomware from being a harmful and expensive threat. This targeted group of Trojans often uses manual deployment strategies, with threat actors compromising targets with potentially high ransoming potential, like a corporate network. The JB88 Ransomware is a recent case showing that these hackers remain 'in business,' at the cost of their victims' files.

The JB88 Ransomware executables often use random names like 'nw9y5y6n,' which isn't unexpected of a threat that attackers install personally. The JB88 Ransomware continues using AES with RSA security for blocking files after gaining access to the computer. This feature stops documents, spreadsheets, music, pictures, and other media formats from opening until the user decrypts them. As an added incentive, the Trojan also can delete some types of local backups.

The traditional ransom note of the AES-Matrix Ransomware family, an RTF document, differs mostly by the e-mail addresses in use. In the JB88 Ransomware case, 'Jonbrown' in different services. This campaign also uses another extension, as per its name, which marks the non-opening files for the victims' benefit. While paying a ransom is fraught with risks, users have no freeware options for recovery of files from this family, thanks to its security.

Layering the Defenses against Trojan Drops

Users can harden their defenses against most file-locker Trojans in many ways concerning families like the AES-Matrix Ransomware, particularly. Disabling RDP or restricting its usage can prevent attackers from gaining remote access to a system. Password choices can impact brute-force attacks' success, and software updates will remove many publicly-known vulnerabilities involving the above scenarios. Workers also should be careful with opening e-mail attachments or enabled advanced document content, such as macros, which tend to associate themselves with file-locking Trojans, RATs, and other threats.

The JB88 Ransomware has few non-cosmetic behaviors separating it from relatives like the AB89 Ransomware, the BG85 Ransomware, the FDFK22 Ransomware, and the Relock Ransomware. Users shouldn't assume that decryption or unlocking services are possible for free. They can, however, save backups appropriately for recovery on cloud services or detachable drives, particularly.

Reliable cyber-security tools should flag members of the AES-Matrix Ransomware family. Samples available to malware analysts suggest that they should contain and delete the JB88 Ransomware (unless an attacker disables them) sufficiently.

A refresh on a text string of random characters doesn't do much for reviving the JB88 Ransomware's business model, but some businesses don't need constant reinvention. Every user who pays the ransoms of these threats is doing nothing more than guaranteeing a future that's full of even more Trojan campaigns.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to JB88 Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Home Malware Programs Ransomware JB88 Ransomware

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.