Sun Ransomware

Ransomware threats have managed to cause a lot of trouble for countless users worldwide. This malware type is perceived largely as an easy way to make a quick buck, and this is the reason why there is a growing number of cybercriminals trying their luck in creating and spreading file-locking Trojans. The Sun Ransomware is one of the most recently spotted threats of this type.

Propagation and Encryption

The propagation methods employed in the spreading of the Sun Ransomware are not yet known. Some researchers put the blame on spam email campaigns, which contain infected attachments, as this is one of the most used methods of propagating malware. Fraudulent pirated variants of legitimate software and fake application updates also may be among the techniques for spreading the Sun Ransomware. The infected system will be scanned, and then all the files of interest will be encrypted swiftly. When the Sun Ransomware locks a file, it also alters its name by adding '.sun' at the end of the filename.

The Ransom Note

Just like most threats of this kind, the Sun Ransomware will then drop a ransom note on the user's desktop. The note's name is 'DECRYPT_INFORMATION.html.' The ransom message does not mention what the specific ransom fee is. The payment page that victims are referred to is Tor-based, and the ransom fee is demanded in Bitcoin.

If you have fallen victim to the Sun Ransomware, do not attempt to contact the creators of this threat. Such criminals will not hesitate to lie through their teeth to get their hands on your money. Make sure you remove the Sun Ransomware from your system using a legitimate anti-malware application. Then, if you wish, you can try to get some of the lost data back by using the services of a third-party data recovery solutions.