Photo: Valentin Ogirenko / Reuters
Researchers in the field of cybersecurity reported on the hacking attack by using a virus called Djvu. Analysis of the malware published portal BleepingComputer.
It is reported that the seizure of the computer occurs after it come special cracking programs or display advertising. The cipher was created on the basis of a known virus STOP.
The experts found that Djvu loads to the four files that are in several steps yielding the attacked machine. One of them provokes the fake message about the updates of the Windows system. This lulls the vigilance of the user.
After infection and encrypt the victim discovers the file with the contacts of ransomware. The price of decoding the hackers is not known. However, they promise to give me a discount on the ransom, if the user will turn to him for help in the near future. Also, Djvu is able to encrypt new files: the program creates a special “tasks” for the system.
The researchers said that the way to regain data without the help of hackers is yet to be found. They called on all victims of the virus Djvu to unite on a special forum.
Earlier researcher brad Duncan (Brad Duncan) found in spam emails masquerading as love letters, three harmful components. One of them was a well-known cryptographer GandCrab.
Video, photo All from Russia.