Locky virus is ransomware threat that encrypts documents, music, video and other information on victims computer using AES encryption. This virus can also encrypt folders on unmapped network shares. It modifies affected files extensions to .locky. After this it demands ransom in bitcoins (0.5 – 2 BTC or approximately $200 – $800) for decryption services. There is no known guaranteed way to decrypt files infected by Locky virus and that is why this blackmail virus is considered very harmful.
UmbreCrypt is a name for recently developed ransomware that targets for media files. After the ransomware finds certain types of files it encrypts them and adds umbrecrypt_ID_youruniqueID extension. After that the threat generates a pop-up window with a message that states the information about the encryption. In the note there are also instructions about the means to retrieve the files.
CryptoJoker is a malware that is named ‘ransomware’ for the basic principle it uses. CryptoJoker aims to frighten a user and make him or her pay money. For this purpose once CryptoJoker gets into the system it inserts executable files into the %Temp% and %AppData% folders. The program processes locate the most useful and valuable for user files and encrypt them. The tasks are also responsible for collecting the information on the user, sending it to the Command&Control server and stopping ‘regedit’ and ’taskmgr’ processes.
CryptInfinite threat is classified as a ransomware that is created with the purpose of pulling money out the victims. One day you may turn on the computer and see a message with a threat appeared out of blue. The text of the message will say that your personal files have been hijacked – they are now encrypted and non operational. CryptInfinite malware uses RSA-2048 key and adds .crinf extension to encrypted files.