Angus Ransomware Description
Ransomware threats are claiming more and more victims on a daily basis. This malware type has become one of the most popular ways for cybercriminals to generate some cash. The fact that the cyber crooks can just borrow readily available code and only alter it slightly adds to the appeal of ransomware as it does not require one to be highly skilled in the field of tech to make some quick money.
Propagation and Encryption
Recently, cybersecurity researchers uncovered a new file-locking Trojan called the Angus Ransomware. Upon studying the Angus Ransomware, experts concluded that it is a variant of the ZeroPadypt Ransomware. Emails containing macro-laced attachments, bogus application updates, and fake pirated variants of popular applications may be among the infection vectors employed by the creators of the Angus Ransomware. If the Angus Ransomware is successful in compromising a system, it will waste no time and run a brief scan, which is meant to determine the locations of the files, which are considered to be of interest. Most ransomware threats target a very wide range of file types to ensure that enough damage is done so that the victim will consider paying the ransom fee. Files such as .mp3, .jpeg, .doc, .ppt, .mov, .mp4, .png, .docx, .jpg and .pptx will almost always be targeted by file-locking Trojans as most users are likely to have them present on their systems. When the Angus Ransomware encrypts a file, it also adds a new extension to it '.Email=[Legion.email@example.com]ID=[
The Ransom Note
In the next step of the attack, the Angus Ransomware drops its ransom note. The note's name is 'HowToDecrypt.txt,' and it reads:
’Your Files Have Been Encrypted
If You Need Your Files You Should Pay Decryption Price
The Steps For Getting Decryption Tool :
1-Send Id On The Files Or HowtoDecrypt.txt Files to Our Email
2-Send 1MB File For Getting Decryption Test to Make Sure You Can Get Your Files Back With Us(The Test File Should Not Contain Valuable Data Like Databases Excel Sheets or Backups)
3- Pay Decryption Price ( Payment Should Be With Bitcoin )
4- Get Decryption Tool With Key
Using 3rd Party Applications or Recovery Tools May Damage Your Files permanetly
Your ID :0H1Khr79qvNDB4M
Our Email: Legion.firstname.lastname@example.org.’
The attackers fail to mention a specific ransom fee, but they state that the user is required to contact them via email ‘Legion.email@example.com.' Despite not specifying the sum required, the authors of the Angus Ransomware make it very clear that the fee will be demanded in the shape of Bitcoin.
We advise you strongly to resist any urge to contact the cybercriminals responsible for the Angus Ransomware. It is never a good idea to pay cyber crooks not only because your money will only encourage their criminal activities but also because they often do not keep their promises and will likely end up never sending you the decryption key promised. Since the Angus Ransomware is a variant of the ZeroPadypt Ransomware, it may be decryptable using a publicly available decryption tool so that this is something worth exploring definitely. Furthermore, to ensure you do not end up in a similar situation in the future, make sure you download and an anti-spyware security tool.
Do You Suspect Your PC May Be Infected with Angus Ransomware & Other Threats? Scan Your PC with SpyHunterSpyHunter is a powerful malware remediation and protection tool designed to help provide PC users with in-depth system security analysis, detection and removal of a wide range of threats like Angus Ransomware as well as a one-on-one tech support service. Download SpyHunter's FREE Malware Remover
Security Doesn't Let You Download SpyHunter or Access the Internet?Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
- Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
- Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
- Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
- IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.