Esexz Ransomware

The Esexz Ransomware is a file-locking Trojan that stops documents, pictures, and other digital media from opening by converting the files into encrypted copies. Although it's not a part of a known family of similar threats, it uses a standard ransom note telling victims to write to the attacker's e-mail for recovery help. Users with backup protection can freely recover and most Windows anti-malware products should block and remove the Esexz Ransomware.

Random Names for Randomly-Appearing Threats

A new appearance in threat databases, the Esexz Ransomware, is another instance of a Trojan where looks can be superficial and unhelpful. Despite a random name that resembles the monikers of the Djvu Ransomware, the Snatch Ransomware and similar threats, the Esexz Ransomware is an independent Trojan that malware analysts can't tie to any previous ones. Even so, its extortion and attacks are familiar tunes to anyone 'in the know' in the cyber-security industry.

The Esexz Ransomware targets Windows systems and uses a data-encryption feature that locks files from opening. This feature, which is easy for securing against third-party solutions, may block most of the user's non-system files, including their documents, pictures, spreadsheets, databases, movies and music. The locked file includes an extension with the Esexz Ransomware's randomly-chosen string of 'esexz,' but the rest of the name remains legible.

Though malware researchers can't confirm it, Trojans of the Esexz Ransomware's specialization will usually delete local backups like Restore Points. With the recovery of data in doubt, the Esexz Ransomware leaves its victims in the position of looking at a ransom note for help, which, in this campaign, is a grammar error-riddled text file.

Stumbling Through Grammar with Trojans

The Esexz Ransomware uses what malware experts find is a wholly-unique ransom note. However, the threat actor copies some of the features and operational expectations of families like Snatch Ransomware. With numerous spelling and grammar issues, the English message issues a warning of the possibility of leaked data, institutes a vague deadline for a 'cheap' ransom for the unlocker and gives users multiple e-mails for contacts. Paying may or may not create the desired response from the threat actor.

Since the Esexz Ransomware samples have questionable infection exploits, users should maintain overall-strong security for protecting their files. Windows users can disable browser features such as JavaScript and Flash, which reduce drive-by-download exploits to a minimum. They also should avoid illegal downloads like torrents of popular games or movies, be suspicious of e-mail attachments and use strong passwords for all accounts.

Most file-locker Trojan infections are due to poor . The safety habits on the part of users. In rare, contrary cases, users still should have cyber-security products for removing the Esexz Ransomware, point-blank.

The Esexz Ransomware is an imitation of better Trojans that may lack craftsmanship but not danger. Any files that it takes hostage are no less locked than they'd be by the NEFILIM Ransomware or the STOP Ransomware's gangs and Windows users forget it at their peril.