Striked Ransomware Description
Type: Ransomware
The Striked Ransomware is an encryption ransomware Trojan that takes its name from the peculiar language in its ransom note. The note includes the heading 'YOUR FILES ARE STRIKED!,' an unusual way of referring to files that have been encrypted or deleted. In other respects, the Striked Ransomware infection is not particularly different from other ransomware Trojans.
The Truth Behind the Striked Ransomware's Name
The Striked Ransomware uses a strong encryption algorithm, AES 256, to make the victims' files inaccessible. It then instructs the victims to contact the email address email@example.com to receive information on how to recover the affected files. There are several ways in which the Striked Ransomware may be delivered. However, the main delivery method associated with it involves taking advantage of weak remote desktop configurations and servers with unprotected Web access panels. Weak passwords and other poorly configured security settings allow third parties to access the victim's computer, install the Striked Ransomware, and encrypt the computer's data. Apart from encrypting the files, the Striked Ransomware changes each affected file's extension and writes an additional 36 bytes to each affected file. These small additional portions of data may be part of an effort to prevent PC security researchers from creating a decryption program to help computer users affected by the attack.
The Striked Ransomware's Ransom Note and Demands
Victims will recognize the Striked Ransomware by its large, colorful ransom notification carrying the catchphrase mentioned above. The Striked Ransomware also replaces the infected computer's desktop image with its ransom note and drops an HTML file named 'README_DECRYPT.html' on the desktop, which contains the ransom note. The ransom note and the new desktop image are quite colorful, using colors like yellow, red and green. The ransom note is opened in the infected computer's Internet browser and contains the following message for the victim:
'YOUR FILES ARE STRIKED!
-=ALL OF YOUR FILES ARE ENCRYPTED!=-
Your personal identifier: [10 RANDOM DIGITS]
Your documents, photos, databases, save games and other important data were encrypted.
For a data recovery requires a decryptor.
To decrypt your files send an email to firstname.lastname@example.org
In the reply letter you will receive a program for decryption.
After starting the decryption program, all your files will be restored.
!!! Attention !!!!!! Attention !!!!!! Attention !!!
*** Do not attempt to uninstall the program or run antivirus software
*** Attempts to decrypt files by themselves will result in the loss of your data'
The files encrypted by the Striked Ransomware attack will have a new file extension: '#email@example.com#id#0123456789.' added to the end of each affected file's name. Unfortunately, the files encrypted by the Striked Ransomware attack are not recoverable without access to the decryption key, which the extortionists hold in their possession.
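The file-name indicators described above (the appended '#<email>#id#<10 digits>' extension and the 'README_DECRYPT.html' note) can be used to triage a file share after a suspected infection. The following is an added example, not code from the original article: the regular expression, the optional trailing dot and the generic e-mail match are assumptions, since the article shows only a redacted address, and the sample file names are constructed.

```python
import os
import re
import tempfile

# Pattern built from the article's description: '#<contact email>#id#<10 digits>'
# appended to the original file name. The optional trailing dot and the generic
# e-mail match are assumptions (the article shows a redacted address).
STRIKED_SUFFIX = re.compile(
    r"^(?P<original>.+?)#(?P<email>[^#\s@]+@[^#\s@]+)#id#(?P<victim_id>\d{10})\.?$")
RANSOM_NOTE = "README_DECRYPT.html"


def classify(filename):
    """Return ('note', None), ('encrypted', details) or (None, None) for one name."""
    if filename.lower() == RANSOM_NOTE.lower():
        return "note", None
    m = STRIKED_SUFFIX.match(filename)
    if m:
        return "encrypted", m.groupdict()
    return None, None


def scan(root):
    """Walk root and collect ransom notes, renamed files and the victim IDs seen."""
    report = {"notes": [], "encrypted": [], "victim_ids": set()}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            kind, details = classify(name)
            path = os.path.join(dirpath, name)
            if kind == "note":
                report["notes"].append(path)
            elif kind == "encrypted":
                # Keep the pre-infection name so it can be matched against backups.
                report["encrypted"].append((path, details["original"]))
                report["victim_ids"].add(details["victim_id"])
    return report


def demo():
    """Run the scan over a constructed directory tree (sample names only)."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "docs"))
        for rel in ("docs/budget.xlsx#email@example.com#id#0123456789",
                    "docs/notes.txt", "README_DECRYPT.html"):
            open(os.path.join(root, rel), "w").close()
        r = scan(root)
        return len(r["notes"]), [o for _p, o in r["encrypted"]], sorted(r["victim_ids"])


if __name__ == "__main__":
    print(demo())
```

The recovered original names give a list of files to restore from backup, and more than one victim ID in a report suggests more than one infected host wrote to the share.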
Dealing with the Striked Ransomware Infection
PC security analysts advise computer users to refrain from paying the ransom that the Striked Ransomware demands. Instead, they should take preventive measures to ensure that their data can be recovered in case of an attack. Having file backups or disk images is the best protection against attacks like the Striked Ransomware. If PC users can restore their files from a backup copy, then the people responsible for the Striked Ransomware attack lose any power over the victims that would allow them to demand a ransom payment. Apart from having file backups, computer users should block the common infection vectors associated with the Striked Ransomware. Securing all remote desktop connections, Web access and other forms of remote access can go a long way towards preventing Striked Ransomware infections.