JesusCrypt Ransomware Description
A brand-new file-encrypting Trojan has been spotted in the wild. Its name is JesusCrypt Ransomware. Once malware researchers came across the JesusCrypt Ransomware, they made sure to dissect the threat. What they discovered is that this ransomware threat is an unfinished project with some ‘good’ potential. Cybersecurity experts speculate that this may be a variant of the HiddenTear Ransomware, but this is yet to be confirmed.
Propagation and Encryption
It is not clear what propagation methods are the attackers using to spread the JesusCrypt Ransomware. The most commonly used infection vector is spam emails. These emails often contain a fraudulent message riddled with social engineering tricks whose sole purpose is to lure the user into opening the attached file. The message may make it seem like this is an important and yet completely harmless attachment, but it is not the truth. If you fall for this trickery and launch the attached file, the JesusCrypt Ransomware will execute its corrupted code and compromise your computer. Among other methods that may be utilized in the propagation of the JesusCrypt Ransomware could be torrent trackers, fraudulent software updates, and bogus pirated variants of popular applications. If the JesusCrypt Ransomware manages to hijack your system, it will scan your data with the goal of locating the files, which it was programmed to encrypt. Next, the encryption process will begin, and the targeted data will be locked. Upon encrypting a file, the JesusCrypt Ransomware adds a '.jc' extension to its name. This means that a file, which was called 'old-gold.jpeg' originally, will be renamed to 'old-gold.jpeg.jc' and no longer be usable.
The Ransom Note
When the JesusCrypt Ransomware is done locking your files, it will drop its ransom note in the shape of a 'READ_IT.txt' file. What leads researchers to believe that the JesusCrypt Ransomware is still in development is that its authors have not included their contact details or a Bitcoin wallet, despite them demanding $200 in the shape of Bitcoin. In the note, they offer to unlock one file free of charge, provided that it is no larger than 1MB. This is done as a guarantee that the attackers have a working decryption key.
It is never a good idea to pay cybercriminals as there is no guarantee that they will deliver on their promises. A legitimate anti-malware tool will be able to remove the JesusCrypt Ransomware from your computer easily.
Do You Suspect Your PC May Be Infected with JesusCrypt Ransomware & Other Threats? Scan Your PC with SpyHunterSpyHunter is a powerful malware remediation and protection tool designed to help provide PC users with in-depth system security analysis, detection and removal of a wide range of threats like JesusCrypt Ransomware as well as a one-on-one tech support service. Download SpyHunter's FREE Malware Remover
Security Doesn't Let You Download SpyHunter or Access the Internet?Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
- Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
- Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
- Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
- IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.