SkyName Ransomware

SkyName Ransomware Description

The SkyName Ransomware is a ransomware Trojan that is being used to attack computer users. Like most encryption ransomware Trojans, the SkyName Ransomware is designed to encrypt victims' files to demand the payment of a fee in exchange for the decryption key. Encryption ransomware Trojans like the SkyName Ransomware have increased in popularity in the last few years because the attack they carry out can be quite devastating. You can prevent the SkyName Ransomware attacks by having a strong anti-malware program and backups of all files to minimize the extent of the damage in the event of an infection.

The Inconsistence of the SkyName Ransomware

Reports of attacks involving the SkyName Ransomware first surfaced on January 10, 2017. PC security researchers observed that samples of the SkyName Ransomware were submitted to online anti-virus scanners. This is a common way in which threat creators test their threats to make sure they can bypass commonly used anti-virus programs. The current version of the SkyName Ransomware can run on the victim's computer while avoiding detection from many anti-virus programs. The SkyName Ransomware is a variant in the HiddenTear family of threats, based on an open source ransomware engine released to the public for 'educational purposes.' PC security analysts suspect that the SkyName Ransomware is still in the early stages of development.

Specific Aspects of the SkyName Ransomware Infection

Although the SkyName Ransomware carries out a typical encryption ransomware attack, there are several elements of the SkyName Ransomware that seem incomplete. In a sense, the SkyName Ransomware seems almost to be a demonstration version, which has been observed in cases involving other threats. There is nothing about the SkyName Ransomware that is more advanced from other ransomware Trojans, and the SkyName Ransomware lacks many more advanced features observed in these threats, such as communication over the TOR network. The encryption algorithm used by the SkyName Ransomware is also not particularly advanced (although this does not guarantee the eventual release of a decryption utility).

Despite that the SkyName Ransomware is not as advanced as many ransomware Trojans on the market, the SkyName Ransomware does carry out an effective encryption attack, targeting numerous file types and encrypting the victim's files as long as they are smaller than 50 MB. The SkyName Ransomware does not identify the encrypted files in any way. Many other ransomware Trojans will add a file extension to the affected files, making it obvious which files have been encrypted. However, the files that are encrypted will show up in the Windows Explorer as blank icons, since Windows will be unable to recognize them and create a thumbnail.

Distribution and Targets of the SkyName Ransomware Trojan

The SkyName Ransomware seems to target computer users located in the Czech Republic. The SkyName Ransomware delivers its ransom note in an HTA pop-up message named 'Vase soubory byly zasifrovany tak, ze k nim nemate pristup', which in English means 'Your files are encrypted so that they you do not have access.' Victims of the SkyName Ransomware attack are asked to purchase 1000 CZK (Czech Koruna) in BitCoins, which is about 0.04 BitCoin at the current exchange rate. Victims are asked to email jschweiz@protonmail.ch to confirm the payment. The ransom asked by the SkyName Ransomware is not particularly high compared to other ransomware Trojans. However, computer users should avoid paying the SkyName Ransomware ransom. When it comes to ransomware Trojans, paying the ransom does not guarantee that the decryption key necessary to restore the files will be delivered. The people responsible for the attack are just as likely to ignore the victim, ask for more money, or deliver a decryption key that does not work. Instead, PC security analysts strongly advise computer users to have backups of all files and a reliable security program that is fully up-to-date. This allows recovery by restoring the affected files from the backup.

Infected with SkyName Ransomware? Scan Your PC for Free

Download SpyHunter's Spyware Scanner
to Detect SkyName Ransomware
* SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware removal tool to remove the malware threats. Read more on SpyHunter. If you no longer wish to have SpyHunter installed on your computer, follow these steps to uninstall SpyHunter.

Security Doesn't Let You Download SpyHunter or Access the Internet?


Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
  • Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
  • Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
  • Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
  • IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.

If you still can't install SpyHunter? View other possible causes of installation issues.

Site Disclaimer

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.

IMPORTANT! To be able to proceed, you need to solve the following simple math.
Please leave these two fields as is:
What is 2 + 14 ?