
Supermagnet@india.com Ransomware

By GoldSparrow in Ransomware

The 'Supermagnet@india.com' Ransomware is a Trojan and a variant of the Dharma Ransomware. It is named after the email address left for negotiations between the operators and the users affected by the Trojan. Reports from users show that the distribution campaign for the 'Supermagnet@india.com' Ransomware is centered on dummy spreadsheets that carry an embedded macro. The decoy content, along with a message asking the user to enable macros, is placed at the top of the document. Users who are led to open the spreadsheet may enable the macro functionality in their office clients and run the macro. Windows interprets the macro as a command to download and run an executable with elevated privileges.

The 'Supermagnet@India.com' Ransomware may Bypass UAC Prompts

Researchers note that the 'Supermagnet@india.com' Ransomware features new obfuscation layers, new packaging, and slight differences in code compared to its predecessor. These modifications are meant to hinder heuristic detection and allow the Trojan to encrypt data silently. Apart from a few lines of new code and a new spam campaign to spread the 'Supermagnet@india.com' Ransomware, there isn't anything new. Threats like the 'Supermagnet@india.com' Ransomware and the RIP Ransomware function identically; what varies is how they are introduced to systems and what ransom they demand. The authors of the 'Supermagnet@india.com' Ransomware continue to implement a customized AES cipher into their products, and this time their Trojan appends the '.wallet extension' to encrypted files. For example, 'Serenity creek.jpeg' is transcoded to 'Serenity creek.jpeg.wallet extension'.

The 'Supermagnet@India.com' Ransomware may Delete the Shadow Volume Copies and Encode Data on Removable Drives

Unfortunately, there isn't a free decryptor for the data affected by the 'Supermagnet@India.com' Ransomware. The unique key used to encode your files is not saved locally, and the operators of the 'Supermagnet@India.com' Ransomware may offer help to affected PC users after payment is made to a wallet address. Reports suggest that the team behind the 'Supermagnet@India.com' Ransomware is likely to provide a decryptor if you are ready to pay from 350 USD to 750 USD using Bitcoins. However, we do not encourage paying the ransom, as the negotiations may not end up in your favor. Your best course of action is to use a trusted anti-malware scanner to purge the 'Supermagnet@India.com' Ransomware Trojan. Recovery is possible as long as you have archives of your documents and you have backed up your data. AV vendors are known to detect the 'Supermagnet@India.com' Ransomware Trojan as:

  • Gen:Variant.Razy.84166
  • ROJ_GEN.R0C1C0DKR16
  • Ransom.TeslaCrypt.MUE.RF5
  • Ransom.TeslaCrypt/Variant
  • TR/Dropper.Gen
  • Trojan.Encoder.3953
  • Trojan/Win32.Crypren.C1675935
  • W32/Trojan.KUEK-6130
  • Win32/DH{gVFnNg?}
  • Win32:Malware-gen
