• Cyber Security
    • Ransomware Prevention
    • Ransomware Removal
    • Ransomware File Recovery
    • Ransomware Types
  • Ransomware Services
    • Ransomware Removal
    • Ransomware File Recovery
  • News
  • Tutorials
  • Ransomware TV

Qinynore ransomware – A cryptovirological discovery

October 2, 2018Simeon Georgiev

Cybercriminals constantly launch new cryptovirological strains and variants of existing ransomware codes into the cyberspace. In one of the latest cryptovirological discoveries, a team of malware hunters has identified a new variant of Hidden Tear Ransomware called Qinynore.

Experts are calling it a successor of Hidden tear because it is using the same method of payload delivery (email spamming). Similarly, it is also using the same encryption module to lock down the files on the targeted devices. However, the extension used by Qinynore is different from its predecessor. The files locked down by Qinynore are appended by ‘.anonymous’.

According to the ransom note (a file in Rich Text Format) that appears on the screen of the affected device after the completion of encryption activity, the attackers demand extortion money of 400 Euros in Bitcoins for providing the key for ransomware removal. The attackers also threaten to delete the lockdown files, if their ransom demands are not met within five hours after the attack.

It’s just an empty threat since ransomware strains are not capable of deleting files. The attackers are using this threat to create a sense of urgency so that affected users resort to ransom payment instead of contacting professionals for ransomware removal. Experts are still working to devise a decrypter for Qinynore ransomware meanwhile the affected users are advised to not contact the attackers.

Spam emails: the most used payload delivery method

Spam emails are used by attackers for mass delivery of the cryptovirological payload to target various devices in a single go. If you don’t want to get embroiled in ransomware removal and recovery measures after sustaining a cryptovirological attack, then open emails with caution.

  • Don’t open an email attachment that contains unusual, unnecessary and random characters and symbols.
  • Refrain from opening email attachments sent from unknown users.
Simeon Georgiev
https://www.linkedin.com/in/simeon--georgiev/
I am a Cyber Security Enthusiast from Bulgaria. I like to write about malware and ransomware and global cyber attacks. You can reach me on Twitter @sgeorgiev1995 or Email: [email protected]
Previous post Port Of San Diego in a Ransomware Attack Next post Pennsylvania democratic caucus pays more than $700,000 for IT rebuild after ransomware attacks

Related Articles

Cryptovirological discovery: Pico ransomware

September 18, 2018Simeon Georgiev
pico ransomware

GandCrab Version 5.0 – A Cryptovirological Discovery

October 4, 2018Simeon Georgiev
GandCrab Version 5.0 – A Cryptovirological Discovery

Monro Ransomware

October 5, 2018Simeon Georgiev
Monro Ransomware

Latest on Ransomware TV

https://vimeo.com/399908876?loop=0

Recent Posts

  • How to protect your organization against ransomware reinfections
  • AuKill Helps Ransomware Operators Disable EDR and Security Tools
  • AI-ransomware is a real threat, just not a realistic one yet
  • Rorschach is the new speed king in the ransomware space
  • The Role of Supply Chain Breaches in Ransomware Attacks

Stay Protected

Subscribe to our mailing list to get the latest cyber security and ransomware removal articles!

Thank you for subscribing.

Something went wrong.

Navigation

  • Cyber Security
    • Ransomware File Recovery
    • Ransomware Prevention
    • Ransomware Removal
    • Ransomware Types
  • News
  • Tutorials

Ransomware Attacks (Last 6M)

0

Connect & Protect

Facebook
Google+
LinkedIn
YouTube
Vimeo

More

  • BECOME A CONTRIBUTOR

MonsterCloud Reviews

© 2020 MonsterCloud.com. All Rights Reserved.