• How to remove FessLeak Ransomware Virus

    How to remove FessLeak Ransomware Virus

    1 Star2 Stars3 Stars4 Stars5 Stars (6 votes, average: 5.00 out of 5)
    Loading...
    How to remove FessLeak Ransomware Virus

    How to remove FessLeak Ransomware Virus

    1 Star2 Stars3 Stars4 Stars5 Stars (6 votes, average: 5.00 out of 5)
    Loading...

    What is FessLeak:

    Threat Classification: Ransomware

    FessLeak is the newest version of Crypto ransomware infections. Similar to Cryptorwall, HowDecrypt and CryptoLocker. FessLeak will target computers running Windows operating systems. It was released in October 2014 and uses corrupted ad-bidding networks to spread itself. It is considered, that FessLeak was developed in Russia. The infection uses a recently discovered vulnerability in the Adobe Flash Player (APSA15-02CVE-2015-0313). FessLeak is delivered to the victim’s computer, by exploiting the Flash Player vulnerability. Security researchers have found that the ransomware uses a file called “makes calls to icacls.exe“, that changes permissions on files and folders, but so far no binary has been detected.  It is considered that the FessLeak is mutating to avoid detection by the antivirus products. Unfortunately, FessLeak uses 2048-bit strong RSA encryption, which means that there is no chance of decrypting the files encrypted by FessLeak. [Read More…]

  • How to remove TorrentLocker Ransomware Virus

    How to remove TorrentLocker Ransomware Virus

    1 Star2 Stars3 Stars4 Stars5 Stars (6 votes, average: 5.00 out of 5)
    Loading...
    How to remove TorrentLocker Ransomware Virus

    How to remove TorrentLocker Ransomware Virus

    torrentlocker-2

    What is TorrentLocker:

    Threat Classification: Ransomware

    TorrentLocker is a ransomware trojan, which targets computers running Windows operating system. The TorrentLocker Ransomware was first seen in August 2014 in Australia. The infection might come from various sources – infected files from various file sharing applications or email attachments even external USB drives. Once TorrentLocker infects the system, it encrypts almost all important files and folders using Rijndael algorithm (symmetric cipher). The malware then sends a ransom message which informs the victim that their files have been encrypted by the “CryptoLocker virus,” and the ransom page.
    The TorrentLocker is said to borrow features from both the infamous CryptoLocker ransomware, as well as CryptoWall. Despite being a derivative of these malware programs, the security researchers who discovered and analyzed it – iSIGHT Partners – are referring to it as an entirely new strain, which is a bad news.
    The malware then displays a “ransom message”, which actually tries to convince you that these guys are making you a big favor by selling you the decryption software. The payment is the real interesting part of this plot – it should be made through Bitcoins, which is untraceable payment method (of course), but you should send 500 Australian Dollars, which is something like 465 USD, of course, if you don’t do this until 72 hours – they will ask you for a 1000 Australian Dollars! [Read More…]

  • How to remove ZeroLocker Ransomware Virus

    How to remove ZeroLocker Ransomware Virus

    1 Star2 Stars3 Stars4 Stars5 Stars (6 votes, average: 5.00 out of 5)
    Loading...
    How to remove ZeroLocker Ransomware Virus

    How to remove ZeroLocker Ransomware Virus

    What is ZeroLocker:

    Threat Classification: Ransomware

    ZeroLocker is a ransomware trojan, which targets computers running Windows operating system. ZeroLocker was first seen August 2014. The infection might come from various sources – infected files from various P2P networks – torrents or other file sharing applications, email attachments etc. When activated ZeroLocker encrypts certain types of files stored on local and mounted network drives using RSA public-key cryptography, with the private key stored only on the malware’s control servers. The malware then displays a ransom message which offers to decrypt the data if a payment is made by a stated deadline, and threatens to delete the private key if the deadline passes. The payment should be made through Bitcoins – untraceable payment method. If the deadline is not met, the malware offers to decrypt data via an online service provided by the malware’s operators, for a significantly higher price in Bitcoin. If you pay the initial ransom it will cost you about 300-3500 bucks, but for the next 5 days delay – 500 USD and for 10 days 1000 USD. [Read More…]

  • How to remove SynoLocker Ransomware Virus

    How to remove SynoLocker Ransomware Virus

    1 Star2 Stars3 Stars4 Stars5 Stars (6 votes, average: 5.00 out of 5)
    Loading...
    How to remove SynoLocker Ransomware Virus

    How to remove SynoLocker Ransomware Virus

    What is SynoLocker:

    Threat Classification: Ransomware

    SynoLocker is the newest version of Crypto Ransomware infections. Similar to Cryptorbit, HowDecrypt, CryptoLocker, CryptoDefense and CryptoWall. SynoLocker will target computers running Windows operating systems, but the most striking difference between this one and it predecessors is that it can encrypt files on your NAS (Network Attached Storage) device, and more specifically the one of the firm Synology (NAS and DiskStations). It was released and detected in August. SynoLocker is almost identical to its predecessors. There are a few minor changes like the name, the files it drops and modified instructions with a new picture. Unfortunately, as of now, there is no chance of decrypting the files encrypted by SynoLocker. [Read More…]

  • How to remove Critroni Ransomware Virus

    How to remove Critroni Ransomware Virus

    1 Star2 Stars3 Stars4 Stars5 Stars (6 votes, average: 5.00 out of 5)
    Loading...
    How to remove Critroni Ransomware Virus

    How to remove Critroni Ransomware Virus

    What is Critroni:

    Threat Classification: Ransomware

    Critroni is the newest version of Crypto ransomware. Similar to Cryptorwall, HowDecrypt and CryptoLocker. Critroni will target computers running Windows operating systems. It was released by the developers of the other Crypto ransomware in the mid of July. Critroni is almost identical to its predecessors. There are a few minor changes like the name, the files it drops and modified instructions with a new picture. It is speculated that this release was due to Cryptowall being well known by the Anti-virus companies or because the malicious code was sold to another malware developer. Unfortunately, as of now, there is no chance of decrypting the files encrypted by Critroni. [Read More…]