XUY Ransomware: Cryptovirological Discovery

November 27, 2018 | Simo Z.

To streamline ransomware removal and recovery protocols, cybersecurity experts regularly search the internet for new cryptovirological strains. During one such ransomware hunt, a group of malware experts stumbled upon a new strain that goes by the name XUY. The newly discovered strain is not related to any existing ransomware family.

As of now, not much is known about the technical aspects of the ransomware. For instance, we don’t know what encryption module XUY uses to lock down the files. Moreover, the delivery method used by XUY operators is still not known. After encryption, which appends the extension ‘.xuy’ to every file, a ransom note appears on the desktop screen.

According to the ransom note, XUY operators are demanding 400 euros in Bitcoin to provide the key for ransomware removal. It is important to mention here that affected users have a tight deadline to act. The attackers give victims only 12 hours to contact them to get the ransomware removal solution. The operators also give a Bitcoin wallet address in the note for quick extortion payment.

The examination of an affected device suggests that XUY ransomware infects the device with various malicious files. Besides the payload script, cybersecurity experts have also found malicious files in some system folders (AppData, Windows, Roaming and Local). This suggests that, apart from needing a ransomware removal solution to recover their data, victims also have to disinfect their entire system to restore it to its original state.

Experts are still trying to find out the delivery method used by XUY operators. However, there is a strong chance that they carried out a mass distribution of the ransomware payload through a spam email campaign. Therefore, users are always advised not to download and open any unsolicited email attachment.
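A first triage pass for the cleanup described above, written as an added example that is not part of the original article or any vendor tool: it inventories files carrying the ‘.xuy’ extension and lists executable or script files under the same roots whose timestamps fall near the earliest encrypted file. The suspect file types, the 24-hour window and the function names are assumptions made for illustration.

```python
import os
import time
from pathlib import Path

ENCRYPTED_EXT = ".xuy"  # extension the article says is appended to files
# Assumption: file types worth reviewing as possible dropped payloads.
SUSPECT_EXTS = {".exe", ".dll", ".scr", ".bat", ".cmd", ".vbs", ".js", ".ps1"}
WINDOW_SECONDS = 24 * 3600  # assumption: review window around first encryption


def scope_infection(roots, window=WINDOW_SECONDS):
    """Return (encrypted_paths, first_seen_epoch, suspect_paths) for roots."""
    encrypted, candidates = [], []
    for root in roots:
        for dirpath, _dirs, files in os.walk(root):  # unreadable dirs are skipped
            for name in files:
                path = Path(dirpath) / name
                try:
                    mtime = path.stat().st_mtime
                except OSError:
                    continue  # locked or vanished file
                suffix = path.suffix.lower()
                if suffix == ENCRYPTED_EXT:
                    encrypted.append((path, mtime))
                elif suffix in SUSPECT_EXTS:
                    candidates.append((path, mtime))
    if not encrypted:
        return [], None, []
    # Heuristic: encrypted files are rewritten, so the earliest mtime
    # approximates when encryption began. Timestamps can be tampered with.
    first_seen = min(m for _, m in encrypted)
    suspects = sorted(p for p, m in candidates if abs(m - first_seen) <= window)
    return sorted(p for p, _ in encrypted), first_seen, suspects


def default_roots():
    """USERPROFILE holds AppData\\Roaming and AppData\\Local; SystemRoot is Windows."""
    return [os.environ[k] for k in ("USERPROFILE", "SystemRoot") if k in os.environ]


if __name__ == "__main__":
    enc, first, suspects = scope_infection(default_roots())
    print(f"{len(enc)} files with the {ENCRYPTED_EXT} extension")
    if first is not None:
        print("earliest encrypted-file timestamp:", time.ctime(first))
        for p in suspects:
            print("review:", p)
```

The output is a review list, not a verdict: legitimate software also writes executables into these folders, so each listed file still needs to be checked before removal.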

© 2018 MonsterCloud.com. All Rights Reserved.