Threat Database Ransomware '.sVn File Extension' Ransomware

'.sVn File Extension' Ransomware

By GoldSparrow in Ransomware

The '.sVn File Extension' Ransomware is a variant of the Jaff Ransomware, which also goes by the name of Jeff Decryptor Ransomware. This variant was released a few weeks after its predecessor. The '.sVn File Extension' Ransomware uses a typical delivery method. The '.sVn File Extension' Ransomware may be sent to victims in the form of macro-enabled documents, which leverage known vulnerabilities in Microsoft Office and on the software to run scripts on the victim's computer that download and install the '.sVn File Extension' Ransomware there. These file attachments are contained in spam email campaigns that include the file attachments in email messages that pretend to come from legitimate companies such as social media platforms or online retailers. It is essential to learn to spot these hoaxes and avoid opening any unsolicited email attachments or embedded links since they can be used to deliver threats like the '.sVn File Extension' Ransomware frequently.

The Main Targets of the '.sVn File Extension' Ransomware are the User-Generated Files

The '.sVn File Extension' Ransomware was first observed in the second week of June 2017. The '.sVn File Extension' Ransomware seems to be designed to infect the most used versions of the Windows operating system and is designed to encrypt files on the infected computer, adding the file extension '.sVn' to all compromised files. Once the '.sVn File Extension' Ransomware has encrypted one of the victim's files, the file will no longer be accessible, and it will show up as a blank icon in the Windows Explorer. Unfortunately, since the '.sVn File Extension' Ransomware uses a combination of the RSA and AES encryptions to make the victims' files inaccessible, the affected files will no longer be recoverable. The '.sVn File Extension' Ransomware targets the user- generated files, rather than files that are part of the Windows operating system. The files affected in the '.sVn File Extension' Ransomware attack include media files, such as audio and video files, as well as files associated with software such as Microsoft Office, Libre Office, Adobe Acrobat, Turbo Tax, and many others.

How the '.sVn File Extension' Ransomware Demands Its Ransom

The main purpose of the '.sVn File Extension' Ransomware infection is to demand a ransom payment ultimately. To do this, the '.sVn File Extension' Ransomware will display a text note named '!!!!README_FOR_SAVE FILES.txt' on the infected computer's desktop. The text used in this ransom note is the same as the one that appeared in the previous variants of the '.sVn File Extension' Ransomware (even including the old ransomware's name rather than the new as the ransom note's title). The full text of the '.sVn File Extension' Ransomware ransom note reads:

'jaff decryptor system
Files are encrypted!
To decrypt flies you need to obtain the private key.
The only copy of the private key, which will allow you to decrypt your files, is located on a secret server in the Internet
You must install Tor Browser: https://www.torproject.org/download/download-easy.html.en
After instalation, run the Tor Browser and enter address: [REDACTED]
Follow the instruction on the web-site.
Your decrypt ID: [10 RANDOM DIGITS]'

The '.sVn File Extension' Ransomware demands a payment of $300 USD in BitCoins. This is less than what was demanded by the '.sVn File Extension' Ransomware's previous variants substantially, which asked for 2 BitCoins (nearly $6000 USD!) However, although the amount is lesser, computer users should refrain from paying the '.sVn File Extension' Ransomware ransom amount.

Dealing with the '.sVn File Extension' Ransomware

There is no guarantee that paying the '.sVn File Extension' Ransomware ransom will result in the restoration of the affected files. Furthermore, paying the '.sVn File Extension' Ransomware ransom allows con artists to continue financing and carrying out these attacks. Instead, computer users should remove the '.sVn File Extension' Ransomware with the help of a reliable security program and replace the affected files from a backup copy. File backups are essential in protecting yourself against the '.sVn File Extension' Ransomware and similar ransomware threats.

Trending

Most Viewed

Loading...