What is Ransomware?
Ransomware is a type of malware (malicious software) that encrypts a victim's files and demands a ransom to restore access. Hackers often target businesses and individuals, with the most common victims being individuals, as the costs associated with an infection can be high. Ransomware is usually spread by phishing attacks or by downloaders clicking on malicious files.
MedusaLocker Ransomware Capabilities
MedusaLocker virus Ransomware is a malicious software known as Ransomware. MedusaLocker virus Ransomware encrypts all the files in a computer until the user pays a ransom. MedusaLocker then drops a file named HOW_TO_RECOVER_DATA.html, containing the ransom note.
- Spawns processes
- Checks the free space of hard drives
- Queries a list of all running processes
- Creates COM task schedule object often used to register a task for autostart
- Reads ini files
- May delete shadow drive data
- Contains capabilities to detect virtual machines
- Tries to load missing DLLs
- Creates files inside the user directory
MedusaLocker Ransomware has also been spotted inside the following files and processes: ['svchostt.exe']
How Protect from MedusaLocker Ransomware?
If you want to protect yourself from this type of ransomware, make sure you use strong passwords for all accounts online, and make sure you update your antivirus software and security updates for your operating systems often. Avoid opening attachments from strange emails, and never click on links in emails or download anything from strange web pages.
- Use a reliable anti-malware tool to remove the ransomware
- Back up your computer data using secure methods
- Use caution when opening any attachments or clicking on links
- Use a decryption tool
- Use caution when opening email attachments from unknown sources