SureRansom Ransomware
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Threat Level: | 80 % (High) |
Infected Computers: | 26 |
First Seen: | February 2, 2017 |
Last Seen: | June 16, 2022 |
OS(es) Affected: | Windows |
The SureRansom Ransomware is a threat that seems to be a work in progress currently. Samples of the SureRansom Ransomware uncovered by malware analysts have shown that the SureRansom Ransomware attempts to combine the functions of an encryption Trojan with a banking Trojan since it also attempts to collect login information for online banking websites, besides charging 50 pounds to the victim's accounts automatically for its decryption 'service.' PC security analysts have observed a version of the SureRansom Ransomware in development, which is contained in executable files named either ‘SureRansom.exe’ or 'Sure.exe,' both used in the SureRansom Ransomware attacks. The SureRansom Ransomware seems to be in progress currently and is clearly still in the early stages of development. In its current form, the SureRansom Ransomware is not capable of encrypting the victims' data. The SureRansom Ransomware is being classified as a lock screen Trojan currently because of the limited functionality it has in its current stage of development.
You can be Sure that the SureRansom Ransomware will Cause a Lot of Harm
Although the SureRansom Ransomware is not capable of encrypting victims' files yet, it does display a lock screen that prevents computer users from accessing their data. The SureRansom Ransomware can display one of two different messages on the victim's computer. The following are the two messages that have been associated with the SureRansom Ransomware attack in its current form:
'Hard Drive Encrypted
your Files have been encrypted with AES-256 and cannot be
recovered without the key
To purchase the key click the link below
Purchase key (£50)'
and
'Confirm payment
Using stored passwords, £50 will be charged to one of your accounts
Purchase Key (£50)
I don't want my data'
The SureRansom Ransomware's lock screen prevents computer users from accessing their Desktops, as well as other important tools such as the Task Manager and the Registry Editor. The SureRansom Ransomware lock screen can be bypassed by starting up Windows using Safe Mode or some other alternate boot method. Computer users will receive the second message after they click on a link that says 'Purchase key (£50),' which attempts to charge the payment amount to the victim's online banking accounts automatically. This is an unprecedented payment method that has not been observed in other ransomware Trojans before.
Dealing with the SureRansom Ransomware Infection
The SureRansom Ransomware may not be working as planned. Whenever the victim's computer starts up, the SureRansom Ransomware displays its lock screen and, in the SureRansom Ransomware's current iteration', the automatic payment mechanism does not function. It is unlikely that the SureRansom Ransomware will overtake other more common ransomware Trojans, but it is certainly interesting that con artists are attempting this tactic as a way to generate profits at the expense of computer users. Today, it is more necessary than ever that computer users take steps to protect their machines from threats like the SureRansom Ransomware.
To protect your computer from the SureRansom Ransomware attack, you should have backups of all of your files (especially if the SureRansom Ransomware's encryption capability is implemented in a future iteration of this threat). It is also essential to have a reliable security program that is fully up-to-date to help remove the SureRansom Ransomware threat itself. Fortunately, in its current form, the SureRansom Ransomware's lock screen can be skipped easily by starting up Windows in Safe Mode. This will restore access to the infected computer. Once access is restored, computer users are advised to use a reliable security program to remove the SureRansom Ransomware itself.
As far as the SureRansom Ransomware may interfere with the victim's bank accounts, it would be necessary to have numerous resources to implement an attack that could be capable of doing this, since it would require attackers to plan for any number of browsers and browser configurations, as well as online banking portals. Eventually, it is likely that con artists will prefer simply to collect the victim's online banking passwords rather than implementing some automatic payment method.
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.