News

Important Data Encrypted and $300 "Ransom" Extorted by Hackers

2013-11-21

   Since its emergence this year,Ransomlock malware has been a cause for concern. According to Baidu Antivirus security experts, the Baidu Antivirus Cloud Engine has detected that some users still face this threat. These users cannot take this threat lightly. This virus primarily spreads through email and begins its work after a user inadvertently opens a malicious attachment. Rather than making it impossible to use the computer, the virus encrypts important files on the user's computer. Then, it warns users that they must pay $300 to decrypt their files. If they are unwilling to pay within the specified period, the extortionists will commit "murder" by permanently deleting the decryption key.

 

   Ransomlock searches for 67 file types to target for advanced encryption, including the Office files (e.g. doc, xls, ppt)commonly used by companies, the AutoCAD and Adobe files (e.g. dwg, psd) often used by design engineers, the original files for photos (e.g. RAW) saved from adigital camera, and even database files (e.g. mdb). From the types of files infected, it is clear that the extortionists mainly target users holding important data (e.g. financial statements, designs) and users that use adigital camera to record important life events (e.g. pictures of their children or honeymoon). After losing their data, it is very possible that these types of users will pay the demanded ransom. This will increase the arrogance of the extortionists and lead them to make higher demands in the future. Therefore, we recommend that users with important files take the time to back them up. The above findings are based on Baidu Antivirus security experts' analysis.

 

   Ransomlock primarily spreads through email. Therefore, extreme caution is required when opening email attachments, especially when the file extension indicates an executable program. Currently, Baidu Antivirus can defend against the multiple variations of Ransomlock. Users can download the latest version of Baidu Antivirus to ensure their computer's security.

 ‍

   Welcome to follow us:

   Skpye:    baiduantivirus@hotmail.com

   Facebook:    https://www.facebook.com/BaiduAntivirusEN