Cyber Ransomware
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Ranking: | 1,066 |
| Threat Level: | 100 % (High) |
| Infected Computers: | 3,181 |
| First Seen: | October 15, 2021 |
| Last Seen: | September 30, 2023 |
| OS(es) Affected: | Windows |
The malicious program named Cyber is malware from the ransomware type. Upon being executed on a breached system, it immediately initiates an encryption process for all the files on the device and appends their original filenames with a '.Cyber' extension. For instance, a file with an initial name of '1.doc' would now appear as '1.doc.Cyber' after being encrypted. Similarly, '2.pdf' would become '2.pdf.Cyber", and so on. Cybersecurity researchers point out that the Cyber Ransomware threat is based on the Chaos malware strain.
In addition to the file encryption, the Cyber Ransomware also changes the desktop wallpaper and generates a ransom note named 'read_it.txt.' The ransom note contains instructions for the victims, with the cybercriminals responsible for ransomware attacks usually demanding payment in exchange for the decryption key to unlock the encrypted files.
Table of Contents
Cyber Ransomware Can Render Numerous Filetypes Inaccessible via Encryption
The ransomware note indicates that the victim's important files, such as databases, documents, and photos, have been encrypted and can only be decrypted by paying a ransom in Bitcoin cryptocurrency. The ransom amount is typically mentioned, and victims are given a way to test decryption on a limited number of files before they pay.
The note often contains contact information for the attackers or their representatives. However, sometimes the contact information may not be valid, and the victim may have difficulty communicating with the attackers. Additionally, the ransomware's wallpaper may display the same message and ransom amount but with different contact details.
In most ransomware attacks, decryption without the attackers' involvement is typically not possible. Even when victims pay the ransom, they may not receive the decryption keys or software necessary to recover their files. As a result, experts strongly advise against paying the ransom, even if the contact information is legitimate and the ransom amount seems affordable.
It is essential to remember that paying the ransom supports criminal activity and does not guarantee the recovery of the encrypted data. Victims should explore other options, such as restoring files from backups or seeking assistance from security experts.
Make Sure To Protect Your Devices and Data from Threats Like Cyber Ransomware
The best measures that users can implement to protect their devices and data from ransomware attacks involve a combination of proactive and reactive strategies.
First, users should be vigilant in their online activity and take steps to avoid falling victim to common ransomware infection vectors, such as phishing emails or malicious downloads. This includes using strong and unique passwords, regularly updating software and operating systems, and being cautious of suspicious emails or links.
Second, users should implement security measures, such as using reputable anti-malware software and enabling firewalls to block unauthorized access to their devices. They should also consider using endpoint detection and response (EDR) tools, which can help detect and respond to ransomware attacks in real time.
Third, users should regularly back up their important data to an external source, such as a cloud service or an external hard drive. This can help ensure that even if their device is infected with ransomware, they can still access their data without paying the ransom.
Fourth, in the event of a ransomware attack, users should avoid paying the ransom as it may not guarantee the safe recovery of their data and may also encourage further criminal activity. Instead, they should seek professional help from security experts and consider reporting the attack to law enforcement.
Finally, users should stay informed about the latest ransomware threats and evolving attack techniques to remain aware and prepared to protect themselves against potential attacks.
The full text of the ransom note dropped by Cyber Ransomware is:
Don't worry, you can return all your files!
All your files like documents, photos, databases and other important are encrypted
What guarantees do we give to you?
You can send 3 of your encrypted files and we decrypt it for free.
You must follow these steps To decrypt your files :
1) Write on our e-mail :test@test.com ( In case of no answer in 24 hours check your spam folder
or write us to this e-mail: test2@test.com)
2) Obtain Bitcoin (You have to pay for decryption in Bitcoins.
After payment we will send you the tool that will decrypt all your files.)
Cyber Ransomware Video
Tip: Turn your sound ON and watch the video in Full Screen mode.
