Threat Database Ransomware '.uzltzyc File Extension' Ransomware

'.uzltzyc File Extension' Ransomware

By GoldSparrow in Ransomware

Ransomware threats have evolved dramatically over the last decade. Older ransomware variants would display some error message that prevented computer users from accessing their machines. However, once computer user had figured out how to bypass the message, it was a simple matter of running a scan of the affected computer with a reliable security program. Police Ransomware variants then came into vogue, which used this tactic but claimed that the computer has been blocked by the police. The most popular forms of ransomware currently active are quite a bit more difficult to deal with. These new form of ransomware infections encrypt the victim's files using an AES encryption algorithm, taking it hostage and demanding the payment of a ransom. These kinds of infections are particularly threatening because the files remain infected even if the threat is removed. The '.uzltzyc File Extension' Ransomware is one of the many variants of these threats.

The '.uzltzyc File Extension' Ransomware is a Variant of the Infamous TeslaCrypt Trojan

The '.uzltzyc File Extension' Ransomware is a variant of TeslaCrypt, a threatening infection that has been active since early 2015. In December of 2015, con artists released version 3.0 the of TeslaCrypt. This version closed a vulnerability that had allowed PC security researchers to recover the decryption key from the victim's computer. Apart from the '.uzltzyc File Extension' Ransomware, countless variants of TeslaCrypt have appeared since its implementation as Ransomware as a Service (RaaS) and the release of the version 3.0, all of them carrying out a similar attack.

How a '.uzltzyc File Extension' Ransomware Infection Works

The '.uzltzyc File Extension' Ransomware attack is not complicated. The '.uzltzyc File Extension' Ransomware is delivered using typical threat delivery methods (that include corrupted email attachments). Once the '.uzltzyc File Extension' Ransomware enters a computer, it searches for the following types of files and encrypts them:

.7z; .rar; .m4a; .wma; .avi; .wmv; .csv; .d3dbsp; .sc2save; .sie; .sum; .ibank; .t13; .t12; .qdf; .gdb; .tax; .pkpass; .bc6; .bc7; .bkp; .qic; .bkf; .sidn; .sidd; .mddata; .itl; .itdb; .icxs; .hvpl; .hplg; .hkdb; .mdbackup; .syncdb; .gho; .cas; .svg; .map; .wmo; .itm; .sb; .fos; .mcgame; .vdf; .ztmp; .sis; .sid; .ncf; .menu; .layout; .dmp; .blob; .esm; .001; .vtf; .dazip; .fpk; .mlx; .kf; .iwd; .vpk; .tor; .psk; .rim; .w3x; .fsh; .ntl; .arch00; .lvl; .snx; .cfr; .ff; .vpp_pc; .lrf; .m2; .mcmeta; .vfs0; .mpqge; .kdb; .db0; .DayZProfile; .rofl; .hkx; .bar; .upk; .das; .iwi; .litemod; .asset; .forge; .ltx; .bsa; .apk; .re4; .sav; .lbf; .slm; .bik; .epk; .rgss3a; .pak; .big; .unity3d; .wotreplay; .xxx; .desc; .py; .m3u; .flv; .js; .css; .rb; .png; .jpeg; .txt; .p7c; .p7b; .p12; .pfx; .pem; .crt; .cer; .der; .x3f; .srw; .pef; .ptx; .r3d; .rw2; .rwl; .raw; .raf; .orf; .nrw; .mrwref; .mef; .erf; .kdc; .dcr; .cr2; .crw; .bay; .sr2; .srf; .arw; .3fr; .dng; .jpeg; .jpg; .cdr; .indd; .ai; .eps; .pdf; .pdd; .psd; .dbfv; .mdf; .wb2; .rtf; .wpd; .dxg; .xf; .dwg; .pst; .accdb; .mdb; .pptm; .pptx; .ppt; .xlk; .xlsb; .xlsm; .xlsx; .xls; .wps; .docm; .docx; .doc; .odb; .odc; .odm; .odp; .ods; .odt

After encrypting a file, the '.uzltzyc File Extension' Ransomware will change that file's extension to UZLTZYC. The '.uzltzyc File Extension' Ransomware and other variants of the infamous TeslaCrypt Ransomware Trojan display some variant of the following ransom note:

Your personal files are encrypted!
Your files have been safely encrypted on this PC: photos, videos, documents, etc. Click "Show Encrypted Files" button to view a complete list on encrypted files, and you can personally verify this.
Encryption was produced using a unique public key RSA-2048 generated for this computer. To decrypt files you need to obtain the private key.

Dealing with the '.uzltzyc File Extension' Ransomware

If your files have been encrypted by the '.uzltzyc File Extension' Ransomware, PC security researchers advise against paying the ransom amount. There is no guarantee that the con artists responsible for the '.uzltzyc File Extension' Ransomware will honor their word and help you recover your files. Instead, computer users should prevent these attacks by backing up all important files. That way, computer users can recover from a the '.uzltzyc File Extension' Ransomware attack by restoring the files from the backup location after the infected drive has been wiped clean.

Trending

Most Viewed

Loading...