Here we go again – .ZZZZZ File Virus Ransomware! There has been yet another change to the infamous Locky ransomware virus. We have witnessed previous changes before, as we watched the virus morph from one Norse god to another, with versions like .Thor, .Odin, etc.
The latest of its kind was the .Aesir File Virus, and that too was a fairly recent addition to this increasingly dangerous malware family. Now, it looks like the criminal masterminds behind this ransomware have come up with further “improvements”, and the extension of the files the virus alters has changed to .ZZZZZ. If nothing else, we can at least say that the hackers aren’t quite keeping with the Norse mythology theme, something we already encountered with the .Shit file extension.
Suspicions have arisen that this new version of the well-known ransomware may be using GeoIP awareness. This means that it may be targeting computers in certain countries and regions. However, that’s not to say that we’ve seen the last of the .Aesir variant either. Reports have emerged about it still infecting computers to this day. Another new facet of .ZZZZZ File Virus is the fact that it appears to act as adware while the encryption function is running. Victims have reported seeing ads on their screens, advertising different social media platforms.
Keep an extra eye out for incoming e-mails, as they still remain the prime source for these infections. In the case of .ZZZZZ, be aware of any e-mails titled “Order #12345678”, as they are known to be spreading the newest Locky virus. The messages are designed to trick users into believing they have received confirmation of an order from certain companies. They come with an attached .zip file, which would be titled something along the lines of ‘requisition XYZ’ followed by your own name. Small and medium-sized businesses are primarily being targeted by the hackers, as they are more likely to fall for the ploy, i.e. pay the demanded ransom. We urge readers to be extremely careful, as the sender e-mail addresses and subjects seem shockingly legit and easy to fall for.
Once the targeted files on the victim’s computer have been encrypted, the ransom demand appears, with the “requested” amount being roughly 400 USD. We do not advise you to rush into paying the ransom right away, if at all, as this will not guarantee the recovery of your files. It would be wise to first try and eliminate the virus from your machine before attempting anything else.
Alternative options for the decryption of your files include decryptor tools as well as possible options for restoring the deleted original copies. It’s best to consult an expert before resorting to ransom payment.
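The lure traits described above can be turned into a mail-triage check. The following Python sketch is an added example, not code from the original article: it assumes the eight digits in the subject vary per message, and the addresses, names and attachment file names are constructed placeholders.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import parseaddr

# Assumption: the digits in "Order #12345678" change from message to message.
SUBJECT_RE = re.compile(r"^\s*Order\s*#\s*\d{8}\s*$", re.IGNORECASE)
ZIP_MAGIC = b"PK\x03\x04"  # local file header that opens a non-empty ZIP archive


def triage(raw: bytes) -> list[str]:
    """Return the lure traits from the article that this message matches."""
    msg = message_from_bytes(raw, policy=policy.default)
    hits = []
    if SUBJECT_RE.match(msg.get("Subject", "")):
        hits.append("order-subject")
    display, addr = parseaddr(msg.get("To", ""))
    # Recipient tokens: words of the display name plus the mailbox local part.
    tokens = re.split(r"[\W_]+", display + " " + addr.split("@")[0])
    names = {t.lower() for t in tokens if len(t) > 2}
    for part in msg.iter_attachments():
        fname = (part.get_filename() or "").lower()
        payload = part.get_payload(decode=True) or b""
        # Check content as well as extension, so a renamed archive is still seen.
        if fname.endswith(".zip") or payload.startswith(ZIP_MAGIC):
            hits.append("zip-attachment")
            if any(n in fname for n in names):
                hits.append("recipient-name-in-filename")
    return hits


def build_sample(subject: str, fname: str, data: bytes) -> bytes:
    """Build a constructed test message; all addresses are placeholders."""
    m = EmailMessage()
    m["From"] = "orders@shop.example"
    m["To"] = "Jane Doe <jane.doe@corp.example>"
    m["Subject"] = subject
    m.set_content("Thank you for your order.")
    m.add_attachment(data, maintype="application",
                     subtype="octet-stream", filename=fname)
    return m.as_bytes()


if __name__ == "__main__":
    fake_zip = ZIP_MAGIC + b"\x00" * 26  # constructed bytes, not a real archive
    print(triage(build_sample("Order #12345678", "requisition_4471_jane_doe.zip", fake_zip)))
    print(triage(build_sample("Lunch on Friday?", "menu.pdf", b"%PDF-1.4\n")))
```

A message matching all three traits is a candidate for quarantine and review; any single trait on its own is common in legitimate mail.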
About the Author: Daniel Sadakov has a degree in Information Technology and specializes in web and mobile cyber security. He harbors a strong detestation for anything and everything malicious and has committed his resources and time to battling all forms of web and mobile threats. He has founded MobileSecurityZone.com, a website dedicated to covering the top tech stories and providing useful tips for the everyday user, in an effort to reach and help more people.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.