The Perfection Ransomware is a file-locking Trojan that's an estimated member of the MedusaLocker Ransomware family. The Perfection Ransomware encrypts and locks media files of major formats, such as documents, and demands a ransom through an HTML message for restoring them. Most offsite backup plans should help with the recovery of any data, and effective security services should remove the Perfection Ransomware as software that's threatening to your computer.
Staring at Files that aren't So Perfect Anymore
A new entrant in the smaller family of file-locker Trojans, the MedusaLocker Ransomware, is in the wild, making trouble for Windows users. The Perfection Ransomware carries forward the usual confusion of having ransom notes similar to other families. However, its genealogy is most likely less interesting and relevant to victims than its attacks, which include data encryption and security-reducing Registry tweaks.
The Perfection Ransomware encryption uses AES and RSA algorithms for stopping most files from opening, excluding operating system-essential ones. More cosmetically, it also appends 'perfection' extensions onto the files, although their presence or lack thereof doesn't impact whether or not the file can open. As usual, malware experts can confirm the additional deletion of the Restore Points – one of the more-obvious data backup options for Windows users.
When it finishes these attacks, the Perfection Ransomware also creates an HTML Web page for its ransom note. Similar to the Divsouth Ransomware, the Support Ransomware, the Deadfiles Ransomware, or the Best Recovery Ransomware, it offers a premium recovery service without providing particulars about the cost. In keeping with similar threats of the year, the Perfection Ransomware also suggests that the attackers can leak the files to the public for victims who don't cooperate.
The Weaknesses that Even the Perfection Ransomware can Harbor
The Perfection Ransomware's family is secure against free encryption solutions, as is the same with most file-locker Trojan families of any professionalism. Although malware researchers can't provide extensive data on its infection or installation exploits, the MedusaLocker Ransomware family usually targets poorly-protected Web servers. Both small businesses and home users may find that their sites and data are at risk from the Perfection Ransomware attacks.
For protection, Windows users should:
- Have backups that aren't on the same PC
- Use robust passwords that can resist a brute-force attack
- Install security updates related to server software as soon as possible
- Avoid unusual or suspicious downloads, including torrents and e-mail attachments
A backup on another device can alleviate the data disruption that the Perfection Ransomware might cause. However, it does little to nothing for the possibility of the attackers leaking data to the public. Regardless, Windows users should always remove the Perfection Ransomware (preferably with an anti-malware suite) before taking further actions.
The Perfection Ransomware isn't the first serpent raising its head from MedusaLocker Ransomware's neck and more may come in the future. Like most modern threats, it's a monster best slain by maintaining dependable security standards while online.