Ransomware

ZCryptor Ransomware .lnk – Microsoft warns users from self-propagating

Microsoft released an alert about a new ransomware variant, ZCryptor, that possesses worm-like behavior and attacks Windows users.

This abrasive ZCryptor has a strong ability to multiply itself and spread to other systems through removable media devices, such as flash drives, as well as network drives to expand its area of attack.

How is it being spread?

The ransomware has various methods by which it can access a computer. It can be disseminated via spam emails, macro malware or through fake Flash Player installers.

Considering the distribution of ransomware through removable storage devices, it leaves behind autorun.inf in removable drives; a zycrypt.lnk in the start-up folder: %User Startup%\zcrypt.lnk along with a copy of itself as {Drive}: \system.exe and%appdata%\zcrypt.exe, and ultimately changes the properties of files to disguise itself in the file explorer.

Once it encrypts the files and acquires the control of the system, it flashes a ransom note on the screen demanding 1.2 Bitcoins, which equals to $500 (£342), for providing the decryption key.

The extensions of all the files are changed to .zcrypt. Microsoft stated that it’s important to enable file history or system protection in order to restore personal files from the backup created earlier in some cases.

Users are given the time of four days to fulfill the demand otherwise attackers increase the payment to five Bitcoins.

However, it came into sight that Microsoft was partially aware of the ransomware activities as it suggested the following advice:

“Some ransomware will also encrypt or delete the backup versions and will not allow you to enable system protection or file history.”

Solution- Where to backup files?

If this is the scenario, you need to rely on backups to external drives or Right Backup Anywhere .

Right Backup Anywhere is an online backup tool to safely store your data on Cloud. It uses encryption techniques which make impossible for any ransomware to breach the security.

It offers following features:

Users themselves are accountable for the security of their data. Therefore, it is better to use the right solution before it gets late- Download Right Backup Anywhere now!

Leave a comment