This cheap and nasty ransomware will try to encrypt files across your network and removable drives

[RV_]

There are two big takeaways from this article on this cheap and nasty ransomware.

 

1. It can be fixed by the user and unencrypted without paying the ransom.

 

2. It shows you how it infects and gives a screenshot so you know if it is Stampado.

 

The deal is that if 3% of all are fooled by it and pay, that is a lot of money worldwide.

 

Excerpt:

 

"One of the cheaper forms of ransomware that crooks can buy on the dark web has evolved worm-like capabilities which enable it to move across networks and external drives, and even to re-encrypt files which have already been encrypted by other ransomware.

 

The Stampado ransomware is available to buy on the dark web for just $39, and is described by the seller as 'cheap and easy to manage ransomware' and offers buyers a 'full lifetime license'.

 

While it might be expected that cheap ransomware offers wannabe cybercriminals very little bang for their buck, cybersecurity researchers at Zscaler have analysed Stampado and have found it to contain self-propagating features which make it extremely effective -- it can spread across multiple devices and drives connected to the infected system.

 

Typically infecting victims via a spam email or drive-by download, the malware installs itself in the %AppData% folder with the name scvhost.exe, in an effort to pass itself off as the genunie Windows executable process svchost.exe."

 

Much more in the article including related hot links here:

http://www.zdnet.com/article/this-obscenely-cheap-ransomware-will-also-encrypt-files-across-your-network-and-removable-drives/?loc=newsletter_large_thumb_related&ftag=TRE49e8aa0&bhid=19724681974700635514865380622813