Last week, cyber hunters discovered a dangerous cryptovirological strain called PGPSnippet. The strain, built on a comprehensive and complex encryption algorithm, is able to lock down every file on the affected computer. This means ransomware removal activities to get rid of PGPSnippet can be quite time-consuming. Every affected file gets an extension containing the attackers' contact email address. The strain also drops a ransom note on the desktop of the affected device.
PGPSnippet Operators Look Ruthless
Judging by their infiltration and encryption activity, PGPSnippet operators do not seem to be rookie cybercriminals. There are two reasons why security experts have come to this conclusion.
Demanding Reasonable Amount of Ransom
Both small and large ransom amounts can work against attackers. When the demand is nominal, affected users suspect they are merely being lured into paying and that the attackers won't provide a decryption key for such a small amount. On the other hand, hefty ransom demands are a non-starter because the majority of victims start to look elsewhere for ransomware removal instead of dealing with the attackers.
For that reason, PGPSnippet operators demand a reasonable amount of money for ransomware removal ($500) so that the victims seriously consider the option of paying the ransom.
Using Deadline Tactfully
They give victims a 3-day deadline. Non-compliance with the deadline results in the ransom amount being doubled. The 72-hour deadline mainly works on hesitant victims who fail to reach a decision: as the deadline approaches, they pay the attackers to avoid the ransom increase.
PGPSnippet Uses Email Attachment
Email attachments are one of the most commonly used tools for delivering cryptovirological payloads. PGPSnippet operators also use obfuscated attachments to infiltrate the device, posing as a representative of some legitimate company. As soon as the user opens the malicious attachment, an executable file ‘SETT’ starts to run on the affected device. Within a few minutes, the payload finishes its encryption activity.
According to security experts, it is possible to recover your data with third-party ransomware removal services. So, instead of getting psychologically exploited by the operators, immediately get in touch with IT security professionals after the attack.
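The renaming behaviour described at the start of this article (each affected file gaining an extension that contains an email address) can be used as a triage check during incident response. The following is an added example, not code from the original article: the article does not give the exact extension format, so the pattern, the threshold and the sample file names are assumptions, and the address shown is a constructed placeholder.

```python
import os
import re
import tempfile
from collections import Counter

# Assumption: the contact address appears in the text appended after the
# file's original name. Dots are left out of the local part so that a
# preceding extension such as "xlsx." is not swallowed into the match.
EMAIL_IN_SUFFIX = re.compile(r"[A-Za-z0-9_%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")

def email_suffix(filename):
    """Return the email-like string found after the first dot, or None."""
    _, dot, tail = filename.partition(".")
    if not dot:
        return None
    match = EMAIL_IN_SUFFIX.search(tail)
    return match.group(0).lower() if match else None

def scan(root, threshold=5):
    """Count files per email-like suffix; keep suffixes seen >= threshold times.

    A single hit is usually benign (for example a saved contact card);
    many files sharing one address is the pattern worth escalating.
    """
    counts = Counter()
    for _dir, _subdirs, files in os.walk(root):
        for name in files:
            hit = email_suffix(name)
            if hit:
                counts[hit] += 1
    return {addr: n for addr, n in counts.items() if n >= threshold}

def demo():
    """Build a constructed directory tree and scan it."""
    with tempfile.TemporaryDirectory() as root:
        docs = os.path.join(root, "docs")
        os.makedirs(docs)
        # Constructed sample names; the address is a placeholder, not an IoC.
        for stem in ("budget.xlsx", "notes.txt", "photo.jpg", "cv.docx", "plan.pdf"):
            open(os.path.join(docs, stem + ".attacker@example.test"), "w").close()
        for name in ("readme.md", "jane.doe@example.org.vcf", "archive.tar.gz"):
            open(os.path.join(root, name), "w").close()
        return scan(root)

if __name__ == "__main__":
    for addr, n in demo().items():
        print(f"{n} files share the appended address {addr}")
```

Run against a file share or a mounted disk image, a non-empty result shows which directories to isolate and restore from backup first.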