Threat Database Ransomware '.7zipper File Extension' Ransomware

'.7zipper File Extension' Ransomware

By GoldSparrow in Ransomware

Threat Scorecard

Threat Level: 80 % (High)
Infected Computers: 8
First Seen: January 31, 2017
Last Seen: February 18, 2022
OS(es) Affected: Windows

The '.7zipper File Extension' Ransomware is a ransomware Trojan that seems to target computer users in Portuguese-speaking countries (mainly Brazil). The '.7zipper File Extension' Ransomware is branded around the 7-zip program, a popular free utility used to read and create archive files. The people responsible for the '.7zipper File Extension' Ransomware has implemented the open source code of this popular free application into their ransomware Trojan. Computer users in countries where Portuguese is the main language reported attacks involving the '.7zipper File Extension' Ransomware starting on January 29, 2017. Victims of the '.7zipper File Extension' Ransomware attacks claimed to have received spam email messages disguised as notifications from essential service providers such as Internet Service Providers, cable companies, and electricity companies. These email messages alerted the victims that they needed to download their bill attached to the email. The supposed 'bill' would infect their computers with the '.7zipper File Extension' Ransomware threat.

The '.7zipper File Extension' Ransomware Tries to Unzip Your Wallet

The '.7zipper File Extension' Ransomware follows an attack that is similar to numerous ransomware Trojans, including the WinRarer Ransomware, which uses a very similar approach in its attack. The '.7zipper File Extension' Ransomware will take all of the victim's files and put them into a password -protected archive, making them inaccessible. To do this, the '.7zipper File Extension' Ransomware uses the compression engine of 7-zip, a popular free application that was created by Igor Pavlov. The '.7zipper File Extension' Ransomware combines the affected files, encrypts them using a strong encryption algorithm, and then places them in an archive file. The '.7zipper File Extension' Ransomware will store this file in the hard drive with the greatest amount of free space on the victim's computer. The '.7zipper File Extension' Ransomware will first gather information about the infected computer to find the best location for this file. This approach means that the '.7zipper File Extension' Ransomware can carry out an effective encryption ransomware attack without the need for an Internet connection, unlike many other ransomware Trojans.

PC security researchers have observed that the '.7zipper File Extension' Ransomware seems to generate a random name for the generated archive file in each instance of the '.7zipper File Extension' Ransomware attack. Files that have been encrypted by the '.7zipper File Extension' Ransomware can be recognized easily because of the extension '.7zipper.' Once the '.7zipper File Extension' Ransomware has finished its attacks, computer users will receive a ransom notification in the form of a text file named 'Saiba como recuperar seus arquivos.txt' (Learn how to recover your files.txt). The content of the ransom note displayed by the '.7zipper File Extension' Ransomware is the following short snippet of text, which instructs victims to contact the people responsible for the '.7zipper File Extension' Ransomware at their email address:

'Your key:
[RANDOM CHARACTERS]
To retrieve your data, send your key to our email:
zipper@email.tg'

Dealing with a '.7zipper File Extension' Ransomware Infection

Unfortunately, the encryption mechanism used in the '.7zipper File Extension' Ransomware is quite strong and cannot be decrypted. However, PC security analysts strongly advise computer users to refrain from contacting the people responsible for the '.7zipper File Extension' Ransomware attack. The ransom will be at least several hundred dollars, and paying it may not guarantee that the people behind the '.7zipper File Extension' Ransomware will honor their word and deliver the decryption key. In many cases, they may simply ignore the payment and ask for more money or never respond. Even if a computer user recovers the affected files, paying the '.7zipper File Extension' Ransomware ransom allows these people to continue creating threats and carrying out attacks. Because of this, PC security researchers strongly advise computer users to take preventive measures by backing up their files on an external memory device or the cloud regularly. The presence of backups makes computer users invulnerable from attacks like the '.7zipper File Extension' Ransomware, since they can recover their files from the backup quickly after the attack.

Trending

Most Viewed

Loading...