Threat Database Ransomware 8chan Ransomware

8chan Ransomware

By GoldSparrow in Ransomware

PC security researchers have received complaints of a ransomware Trojan known as the 8chan Ransomware, which seems to reference the 8chan message board in its branding (although it is unlikely that there is a direct relationship between this and the 8chan Ransomware Trojan.) The 8chan Ransomware is nearly identical to the countless other encryption ransomware Trojans that are being used to attack computer users currently. The 8chan Ransomware, like the many other, similar threats, will encrypt the victim's files and then demand the payment of a ransom in exchange for the decryption key needed to restore the victim's files. The 8chan Ransomware takes the victim's files hostage, using a strong encryption algorithm to make sure that the affected files cannot be recovered.

How the 8chan Ransomware Attacks a Computer

Threats like the 8chan Ransomware use the AES or RSA encryptions to make the victim's files inaccessible. They will target a wide variety of the user-generated files while avoiding the Windows system files and applications. This allows the victim to still being able to use the affected computer to pay a ransom to regain access to the affected files (if the 8chan Ransomware has encrypted all files, then the affected computer's operating system would cease to function entirely). The following are some of the file types that are commonly targeted in attacks like the 8chan Ransomware:

.3dm, .3g2, .3gp, .7zip, .aaf, .accdb, .aep, .aepx, .aet, .ai, .aif, .as, .as3, .asf, .asp, .asx, .avi, .bmp, .c, .class, .cpp, .cs, .csv, .dat, .db, .dbf, .doc, .docb, .docm, .docx, .dot, .dotm, .dotx, .dwg, .dxf, .efx, .eps, .fla, .flv, .gif, .h, .idml, .iff, .indb, .indd, .indl, .indt, .inx, .jar, .java, .jpeg, .jpg, .js, .m3u, .m3u8, .m4u, .max, .mdb, .mid, .mkv, .mov, .mp3, .mp4, .mpa, .mpeg, .mpg, .msg, .pdb, .pdf, .php, .plb, .pmd, .png, .pot, .potm, .potx, .ppam, .ppj, .pps, .ppsm, .ppsx, .ppt, .pptm, .pptx, .prel, .prproj, .ps, .psd, .py, .ra, .rar, .raw, .rb, .rtf, .sdf, .sdf, .ses, .sldm, .sldx, .sql, .svg, .swf, .tif, .txt, .vcf, .vob, .wav, .wma, .wmv, .wpd, .wps, .xla, .xlam, .xll, .xlm, .xls, .xlsb, .xlsm, .xlsx, .xlt, .xltm, .xltx, .xlw, .xml, .xqx, .xqx, .zip.

PC security researchers have received reports of several variants of the 8chan Ransomware. One of the ways how these threats differ from each other is how they identify the files encrypted by the attack. They will change the affected files' names by adding a new file extension to their names. The 8chan Ransomware is associated with two file extensions, which include '[random].recover@8chan.co' and '[random].supdec@8chan.co,' as well as several others. The 8chan Ransomware delivers a ransom note in the form of a text file. The 8chan Ransomware's variants have dropped text file ransom notes with the names 'HOW TO RECOVER ENCRYPTED FILES-recover@8chan.co.TXT,' 'HOW TO RECOVER ENCRYPTED FILES-supdec@8chan.co.TXT,' and various others. The following is an example of a ransom note used by an 8chan Ransomware variant observed by PC security researchers:

'======================
decrypts@8chan.co
======================
Your files are encrypted!
Your personal identifier: -
=======================
To decrypt files, please contact us by email:
decrypts@8chan.co
=======================
reserved:
techn@airmail.cc
=======================

Protecting Your Data from Threats Like the 8chan Ransomware

The best protection against threats like the 8chan Ransomware, without any doubt, is to have file backups. If computer users keep backup copies of their files, then they can restore their files easily without having to negotiate with the con artists. It is advised to refrain from contacting the con artists. It is very unlikely that they will help recover the files and, in most cases, contacting them can lead to additional problems or another hoax. Having file backups, as well as an updated security application is the best way to ensure that your data is safe and halt these attacks permanently. Since the 8chan Ransomware and similar threats often spread using spam email messages, learning to handle these safely is also essential.

Trending

Most Viewed

Loading...