Well, this didn’t take long – after .Odin, and .Zepto before it, the latest successor to the Locky Ransomware line is here. It has been rather “playfully” named .Shit File Virus by its creators. Apart from the name, there’s nothing to laugh at concerning this newest Ransomware threat.
According to researchers, .Shit File Virus Ransomware is shaping out to be one of the biggest ones in quite a while. We have already encountered multiple instances of this locally in the last few days
.Shit Ransomware spreads predominantly through spam emails containing infected JS or WS attachments. If the unsuspecting user executes such a malicious script, then trouble is more or less inevitable. A remote C&C server would be contacted and the download of the Ransomware payload file would commence.
It is more or less the same song and dance afterwards as .Zepto– after careful deliberation and selection of your most often used personal files, the ransomware would start encrypting them, eventually turning them into an inaccessible mess with the .shit extension to top it all off.
The encryption is a strong one, utilizing RSA and AES ciphers. Similar to previous Locky versions, the victims are extorted in the amount of 0.8 Bitcoins (roughly €600) for a decryption key.
I will once again urge you not to cave in to the ransomware creators’ demands and not to pay the demanded ransom. Yes, it is infuriating to not be able to access your files but refusal to support the cyber criminals is of paramount importance. This is the only chance for an end user to hinder this increasingly developing “industry.”
Offsite Backups are key in this situation – to assess if your backup is up to scratch – Contact us today on 042-9335355