Cyborg Ransomware Description
As a regular user, one of the worst threats that you can have infiltrating your system would be a data-encrypting Trojan. These nasty threats would sneak into your system, scan it, and begin locking your files. When the ransomware threat is done with encrypting your files, it will blackmail you into paying a ransom fee by promising that once you comply, the attackers will assist you in reversing the damage. There has been a brand-new file-locking Trojan spotted in the wild, and it has been given the name Cyborg Ransomware.
Propagation and Encryption
It has not been confirmed what distribution methods are used in the Cyborg Ransomware campaign. Threats of this class often are propagated via bogus application updates and fake pirated copies of legitimate software services. However, the most popular infection vectors when it comes to spreading ransomware threats are mass spam email campaigns. These fraudulent emails usually carry a corrupted attachment, which, once executed, will compromise the target's system. To induce the user to open the attachment, the attackers tend to use social engineering tricks that are woven into the message of the email. The Cyborg Ransomware will perform a brief scan and locate the files of interest. Most threats of this type tend to target a long list of file types, which are likely to be present on any user's computer. Then, the Cyborg Ransomware will begin its encryption process. Once a file is locked by the Cyborg Ransomware, you will notice that its name has been altered. This ransomware threat appends a '.petra' extension to it. For example, if you had named a file 'Celtic-eyes.jpeg,' its name will be changed to 'Celtic-eyes.jpeg.petra' after the file undergoes the encryption process of the Cyborg Ransomware.
The Ransom Note
When the encryption process is completed, the Cyborg Ransomware drops a ransom note and changes the background of the victim's desktop. The image's name is 'Cyborg_DECRYPT.jpg' and has a black background and blue text stating 'ALL YOUR FILES ARE ENCRYPTED BY CYBORG RANSOMWARE.' It also lets the users know that they can find more information in the ransom note the threat has dropped, which goes by the name 'Cyborg_DECRYPT.txt.' In the note, the attackers offer the user to decrypt one file free of charge, which aims to prove to the victim that the attackers are in possession of a functioning decryption key. As a ransom fee, the attackers demand to be sent $300 in the shape of Bitcoin. There is an email provided, where the victim can get in touch with the attackers for further information – 'petra-mail.ru.'
It is not advisable to cooperate with cybercriminals. Most authors of ransomware threats lose all interest in helping their victims once the monetary transaction has been completed. This is why you should consider obtaining a legitimate anti-spyware application precisely and use it to wipe off the Cyborg Ransomware from your system.
Do You Suspect Your PC May Be Infected with Cyborg Ransomware & Other Threats? Scan Your PC with SpyHunterSpyHunter is a powerful malware remediation and protection tool designed to help provide PC users with in-depth system security analysis, detection and removal of a wide range of threats like Cyborg Ransomware as well as a one-on-one tech support service. Download SpyHunter's FREE Malware Remover
Security Doesn't Let You Download SpyHunter or Access the Internet?Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
- Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
- Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
- Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
- IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.