
Security Researchers Spot ‘AnoymouS’ Ransomware Targeting Home Users

AnoymouS ransomware was discovered in late October 2020 by malware researcher S!Ri. The malware is a typical representative of the ransomware family: it implements techniques to avoid detection and efficiently encrypts a user's data.

Upon infiltration, AnoymouS launches a scan that detects user-generated files, such as databases, spreadsheets, and pictures. The threat then uses advanced encryption algorithms to lock the detected files and prevent users from accessing them.

Victims can quickly recognize the files corrupted by AnoymouS, as the ransomware renames each successfully encrypted file by appending the ".AnoymouS" extension to it.

For example, an archive called "vacation_pictures.rar" will be renamed to "vacation_pictures.rar.AnoymouS".

Additionally, the ransomware will attempt to prevent data recovery by executing commands that will delete the Volume Shadow Copies.

Ransom Extortion

Upon completing the data encryption process, AnoymouS will create files called "Message_Important.txt" in every folder containing corrupted files.

Ransom Note French Version:

EMAIL:your-email

Vos fichiers sont cryptés avec chiffrement RSA-2048 et AES-128.

Décrypter vos fichiers est uniquement possible à l'aide d'une clé privée et un programme de décryptage

Qui se trouvent sur notre serveur secret, il s'agit d'un ransomware et non pas de virus.

Pour décrypter vos fichiers, veuillez suivre les instructions suivantes :

instruction à faire pour nous aider à décrypter vos fichiers :

1)Achetez des bitcoins de prix $ ,USD

2)Vous pouvez acheter rapidement les bitcoins icihxxps://localbitcoins.com

3)Envoyez les bitcoins à cette adresse : your wallet bitcoins

4)Dès qu'on reçoit les bitcoins ,on décrypte vos fichiers:your-email

 

Ransom Note English Version:

Your files are encrypted with RSA-2048 and AES-128 encryption.

Decrypting your files is only possible using a private key and a decryption program,

Which are on our secret server, it is a ransomware and not viruses.

To decrypt your files, please follow these instructions :

instruction to help us decrypt your files :

1) Buy bitcoins from prix $ ,USD

2) You can buy bitcoins quickly here : hxxps://localbitcoins.com

3) Send bitcoins to this address: your wallet bitcoins

4) As soon as we receive the bitcoins, we decrypt your files :your-email

The text documents are ransom notes written in French and English. They inform the victims that their data is not lost and that they can recover it for a price.

Victims are instructed to pay a ransom in Bitcoin cryptocurrency. Upon completing the payment transaction, victims are to contact the threat operators via email.

Data Recovery

Currently, no third-party recovery software is available for data encrypted by AnoymouS ransomware. Experts nevertheless advise against engaging with the threat operators.

Victims are warned that they are dealing with experienced criminals who know how to manipulate their victims. Ransomware operators are notorious for playing dirty and double-crossing their victims.

Victims can use backups stored in the cloud or on external devices to restore their files. However, experts warn that victims should remove AnoymouS from their computers before attempting to restore the data. Otherwise, the ransomware will corrupt the backup device and the data stored on it.
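The following Python script is an added example, not code from the original article or from the researchers it cites. It walks a directory tree for the two on-disk indicators described above, the ".AnoymouS" extension and the "Message_Important.txt" note, so that affected folders and original file names can be listed before restoring from backup. The function names and the case-insensitive matching are assumptions of this example.

```python
import os
from collections import defaultdict

# Indicators taken from the article. Matching is case-insensitive
# (an assumption of this example) because Windows filesystems are.
ENCRYPTED_SUFFIX = ".anoymous"
NOTE_NAME = "message_important.txt"


def scan_tree(root):
    """Return {folder: {"note": bool, "encrypted": [(name, original), ...]}}
    for every folder under `root` that holds at least one indicator."""
    hits = defaultdict(lambda: {"note": False, "encrypted": []})
    # os.walk skips unreadable folders by default instead of aborting.
    for folder, _dirs, files in os.walk(root):
        for name in files:
            lower = name.lower()
            if lower == NOTE_NAME:
                hits[folder]["note"] = True
            elif lower.endswith(ENCRYPTED_SUFFIX) and len(name) > len(ENCRYPTED_SUFFIX):
                # The extension is appended, so stripping it gives the
                # original file name to look for in backups.
                original = name[: -len(ENCRYPTED_SUFFIX)]
                hits[folder]["encrypted"].append((name, original))
    return dict(hits)


def summarize(hits):
    """Collapse scan results into counts useful for scoping a restore."""
    encrypted = sum(len(h["encrypted"]) for h in hits.values())
    with_note = sorted(f for f, h in hits.items() if h["note"])
    # The article says notes are written after encryption completes, so
    # encrypted files with no note may mean the run was interrupted there.
    no_note = sorted(f for f, h in hits.items() if h["encrypted"] and not h["note"])
    return {"encrypted_files": encrypted, "folders_with_note": with_note,
            "encrypted_without_note": no_note}


if __name__ == "__main__":
    import sys
    report = scan_tree(sys.argv[1] if len(sys.argv) > 1 else ".")
    for folder, info in sorted(report.items()):
        print(f"{folder}  note={info['note']}  encrypted={len(info['encrypted'])}")
        for name, original in info["encrypted"]:
            print(f"    {name}  (restore as: {original})")
    print(summarize(report))
```

Run it against a mounted copy of the affected volume from a clean system, passing the root folder as the only argument.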

AnoymouS Distribution

It is currently unknown whether AnoymouS is deployed in targeted attacks. Evidence suggests that the ransomware uses classic tricks to reach a broad spectrum of potential victims.

From classic spam emails and corrupted links to more advanced pirated installers and trojan horses, various malware tricks could deliver the nasty AnoymouS.

However, experts point out that the most common cause of malware infections is nothing else but the victims' naivety and negligence. Threat operators use social engineering tricks to lure their victims into unwanted actions. Good cyber hygiene can prevent these spiteful attempts from succeeding.

Therefore, users are advised to do their due diligence and strictly apply security best practices.


Reactionary Times News Desk
