Ransomware has emerged as one of the biggest nuisances in the online world. Research reveals that the last few years saw a tremendous advancement in targeted Ransomware attacks, which have earned cyber criminals millions of dollars. Profit-driven attackers are turning to premeditated, targeted Ransomware attacks and reaping millions of dollars in ransom.
The threat landscape has evolved over the past 12 months, revealing trends in how these attacks are expected to impact cyber security in the near future. Attackers have adopted newer Office exploits to lure in victims. With Ransomware attacks on the rise, last year saw an increased focus on pushing this malware to computers and other IoT (Internet of Things) devices via shady tactics.
Security researchers recently discovered a new Ransomware program known as Clop Ransomware, designed to encrypt users' important data and hold it hostage. Reported on February 10th 2019, the malware encrypts files with a strong encryption algorithm. The .clop extension is appended to the names of the affected files, which become inaccessible. Following successful encryption, a text file named ClopReadMe.txt is dropped, containing the ransom demand.
Though the ransom amount is not known, it is believed that the amount depends on how fast the victim writes an email to the criminals. The price, however, is known to fluctuate between $500 and $1500 in Bitcoin, Ethereum or another cryptocurrency.
Once Clop Ransomware invades the system, it applies an encryption algorithm that makes files completely inaccessible. It is known to enter the system via corrupted Microsoft Word files and encrypt the following types of files:
To achieve persistence, the Ransomware makes entries in the Windows Registry. Such entries are typically designed to launch the virus automatically on each start of the Windows operating system.
Clop Ransomware also deletes the Shadow Volume Copies created by the Windows operating system, to eliminate ways to restore encrypted files.
The ransom note dropped by the malware warns users not to attempt any methods to restore the encrypted files, declaring that such acts will only damage the encrypted data. The note further states that victims can select a few encrypted files that do not contain useful information. These files should not be more than 5 MB in total. The cyber criminals claim they will decrypt these attached files and send them back to victims, in order to gain user confidence and entrap them into paying the hefty ransom amount.
Victims are, however, advised to be careful and not fall for the trick, as the threat actors usually do not fulfill all their promises. Victims are often ignored once the ransom is paid. Hence avoiding any contact with the culprits is the viable option.
Restoring encrypted files is not a piece of cake. Hence users are advised to maintain a regular backup of all the files to avoid unforeseen circumstances.
The cybercriminals use various strategies for malware distribution which include –
Targeted Operating System: Windows
Symptoms: The user's files are encrypted with a strong encryption algorithm. The .clop extension is appended to all locked files, which can no longer be accessed by the user.
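To scope the damage before restoring from backup, the two file-system symptoms described above (the appended .clop extension and the ClopReadMe.txt note) can be swept for per directory. The script below is an added example, not part of the original guide; the function names `scan_for_clop` and `summarize` are hypothetical, and the indicators are assumed to appear exactly as the article describes them.

```python
import os
from collections import defaultdict

ENCRYPTED_SUFFIX = ".clop"      # extension appended to locked files (from the article)
RANSOM_NOTE = "clopreadme.txt"  # ransom note name, compared case-insensitively


def scan_for_clop(root):
    """Walk `root` and group Clop indicators by directory.

    Returns {directory: {"note": bool, "encrypted": [(original_name, size), ...]}}.
    """
    hits = defaultdict(lambda: {"note": False, "encrypted": []})
    # onerror ignores unreadable directories so one ACL failure does not abort the sweep
    for dirpath, _dirs, files in os.walk(root, onerror=lambda err: None):
        for name in files:
            lower = name.lower()
            if lower == RANSOM_NOTE:
                hits[dirpath]["note"] = True
            elif lower.endswith(ENCRYPTED_SUFFIX) and len(name) > len(ENCRYPTED_SUFFIX):
                # Strip the appended extension to recover the pre-encryption file name
                original = name[: -len(ENCRYPTED_SUFFIX)]
                try:
                    size = os.path.getsize(os.path.join(dirpath, name))
                except OSError:
                    size = -1  # file vanished or is locked; still report it
                hits[dirpath]["encrypted"].append((original, size))
    return dict(hits)


def summarize(hits):
    """Return (total_encrypted_files, dirs_with_note, dirs_with_note_and_files)."""
    total = sum(len(h["encrypted"]) for h in hits.values())
    with_note = sorted(d for d, h in hits.items() if h["note"])
    with_both = sorted(d for d, h in hits.items() if h["note"] and h["encrypted"])
    return total, with_note, with_both


if __name__ == "__main__":
    import sys
    found = scan_for_clop(sys.argv[1] if len(sys.argv) > 1 else ".")
    total, notes, both = summarize(found)
    print(f"{total} file(s) ending in {ENCRYPTED_SUFFIX}, {len(notes)} ransom note(s)")
    for directory in both:
        print("affected:", directory)
```

The recovered original names give a checklist of what to pull from backup; the scan only reads directory listings and file sizes and does not modify anything.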
Once the system starts, make sure to use an account with administrative privileges to access Safe Mode with Command Prompt.
After you enter the admin credentials, a Command Prompt window is displayed, in which you enter the commands below:
Continue to follow steps 4 & 5 of Method 2 to restore the System Files and settings.
The researchers at Virus Removal Guidelines are dedicated to tracking down the latest vulnerabilities which may compromise your system security. Our team of experts performs detailed research on every malware infection before educating our users about it.