By CagedTech in Ransomware

PoshCoder is a threat that criminals use to take over the victims' computers in order to extract a ransom. Because of this, PoshCoder is often classified as a ransomware Trojan, using a common tactic that involves encrypting the contents of the victim's computer. When PoshCoder blocks the victim's files, PoshCoder leaves a VBS file named 'UnblockFiles.vbs' on each of the affected folders. When computer users run this script, one of the encrypted files will be decrypted, but only one. After that, PoshCoder will demand that the victim pay a ransom in BitCoin. It is important to note that PoshCoder, as well as other recent threats that use the same tactics such as the Cryptorbit Ransomware and BitCrypt Ransomware represent a threat to your computer. PoshCoder will encrypt your files and change their extension to .poshcoder, causing you to lose data that is not backed up externally. PoshCoder is also part of a strategy that seeks to gather the computer users' Bitcoin wallets.

PoshCoder is Just a Ransomware with a Posh Name

PoshCoder encrypts the victim's files in the background, without alerting the computer user until the files are encrypted and it is too late. In fact, the main purpose of PoshCoder is not its ransomware portion, but to reach the computer users' Bitcoin wallets while the computer user is distracted by the ransomware messages. PoshCoder is designed to target victims worldwide and will claim that it is necessary to add Bitcoins to the Bitcoin wallet. This is merely a ploy to ensure that the victim has Bitcoins to get. Apart from encrypting files, PoshCoder may interfere with the infected computer's Task Manager and Registry Editor, preventing computer users from using their computers as normal. PoshCoder also specifically targets potentially sensitive files, especially Office documents and pictures, since these tend to have the most value for victims of PoshCoder.

Protect Yourself from PoshCoder

The best way to protect yourself from PoshCoder's attack is to always keep a backup of all your important data on an external location. This way, you will not be at the criminals' mercy when they take over your computer. To limit the damage, use a reliable security product updated recently to disinfect your computer.

Related Posts


Most Viewed