'.7zipper File Extension' Ransomware
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 80 % (High) |
| Infected Computers: | 8 |
| First Seen: | January 31, 2017 |
| Last Seen: | February 18, 2022 |
| OS(es) Affected: | Windows |
The '.7zipper File Extension' Ransomware is a ransomware Trojan that seems to target computer users in Portuguese-speaking countries (mainly Brazil). The '.7zipper File Extension' Ransomware is branded around the 7-zip program, a popular free utility used to read and create archive files. The people responsible for the '.7zipper File Extension' Ransomware has implemented the open source code of this popular free application into their ransomware Trojan. Computer users in countries where Portuguese is the main language reported attacks involving the '.7zipper File Extension' Ransomware starting on January 29, 2017. Victims of the '.7zipper File Extension' Ransomware attacks claimed to have received spam email messages disguised as notifications from essential service providers such as Internet Service Providers, cable companies, and electricity companies. These email messages alerted the victims that they needed to download their bill attached to the email. The supposed 'bill' would infect their computers with the '.7zipper File Extension' Ransomware threat.
The '.7zipper File Extension' Ransomware Tries to Unzip Your Wallet
The '.7zipper File Extension' Ransomware follows an attack that is similar to numerous ransomware Trojans, including the WinRarer Ransomware, which uses a very similar approach in its attack. The '.7zipper File Extension' Ransomware will take all of the victim's files and put them into a password -protected archive, making them inaccessible. To do this, the '.7zipper File Extension' Ransomware uses the compression engine of 7-zip, a popular free application that was created by Igor Pavlov. The '.7zipper File Extension' Ransomware combines the affected files, encrypts them using a strong encryption algorithm, and then places them in an archive file. The '.7zipper File Extension' Ransomware will store this file in the hard drive with the greatest amount of free space on the victim's computer. The '.7zipper File Extension' Ransomware will first gather information about the infected computer to find the best location for this file. This approach means that the '.7zipper File Extension' Ransomware can carry out an effective encryption ransomware attack without the need for an Internet connection, unlike many other ransomware Trojans.
PC security researchers have observed that the '.7zipper File Extension' Ransomware seems to generate a random name for the generated archive file in each instance of the '.7zipper File Extension' Ransomware attack. Files that have been encrypted by the '.7zipper File Extension' Ransomware can be recognized easily because of the extension '.7zipper.' Once the '.7zipper File Extension' Ransomware has finished its attacks, computer users will receive a ransom notification in the form of a text file named 'Saiba como recuperar seus arquivos.txt' (Learn how to recover your files.txt). The content of the ransom note displayed by the '.7zipper File Extension' Ransomware is the following short snippet of text, which instructs victims to contact the people responsible for the '.7zipper File Extension' Ransomware at their email address:
'Your key:
[RANDOM CHARACTERS]
To retrieve your data, send your key to our email:
zipper@email.tg'
Dealing with a '.7zipper File Extension' Ransomware Infection
Unfortunately, the encryption mechanism used in the '.7zipper File Extension' Ransomware is quite strong and cannot be decrypted. However, PC security analysts strongly advise computer users to refrain from contacting the people responsible for the '.7zipper File Extension' Ransomware attack. The ransom will be at least several hundred dollars, and paying it may not guarantee that the people behind the '.7zipper File Extension' Ransomware will honor their word and deliver the decryption key. In many cases, they may simply ignore the payment and ask for more money or never respond. Even if a computer user recovers the affected files, paying the '.7zipper File Extension' Ransomware ransom allows these people to continue creating threats and carrying out attacks. Because of this, PC security researchers strongly advise computer users to take preventive measures by backing up their files on an external memory device or the cloud regularly. The presence of backups makes computer users invulnerable from attacks like the '.7zipper File Extension' Ransomware, since they can recover their files from the backup quickly after the attack.
