By now all of we have heard of the global ransomware attack. It has created a lot of confusions in the mind of computer users. Over 60,000 companies of more than 100 countries have become the victim of this malware. So how this ransomware works .
WhyCry is a program developed by Ethical Overflow. So, in order to protect all the internet users from this deadly Cyber Attack , Team Ethical Overflow , after a lots of efforts have successfully created a program named WhyCry .WhyCry is a program developed by Ethical Overflow.
WhyCry blocks the two IP from which the attacker attacks the victim. WhyCry also disables SMB from the Windows which is enabled by default .
The term 'RANSOMWARE' itself gives the idea of its nature. It is somehow related to some kind of ransom. Yes, exactly it is. It is a type of malware which gets into your computer and locks down all the files. Afterwards it seeks for money from the user in order to get access to the locked files. The recent ransomwares are smarter than ever. It just not only locks down the files rather it encrypts the files which makes it really impossible to crack open the locked files. As a result the users do not have any other way to regain access to their locked files but to pay the money and get the decryption code.
So how does it get into your computer..???
The easiest to get into someone's computer is through attachments of spam emails or by entering into any unknown link. The extension of these files are different than the conventional files. Usually users turn off the file extensions, so they can not know what kind of file they are clicking on. The virus file pretends like a doc file or any other text file. But if you turn on the file extension of your computer you will see that the file extensions are different. As you click on the file all your data start encrypting and eventually asking you for ransom.
In case if you are interested these are the possible real extensions of ransomware files......( .ecc, .ezz, .exx, .zzz, .xyz, .aaa, .abc, .ccc, .vvv, .xxx, .ttt, .micro, .crypto, _crypt, .crinf, .r5a, .XRNT, .XTBL, .crypt, .R16M01D05, .pzdc, .good, .LOL!, .OMG!, .RDM, .RRK, .encryptedRSA, .crjoker, .EnCiPhErEd, .LeChiffre, .keybtc@inbox_com, .0x0, .bleep, .1999, .vault, .HA3, .toxcrypt, .magic, .SUPERCRYPT, .CTBL, .CTB2, .locky or 6-7 length extension consisting of random characters.)
How to recover a ransomware infected computer........?
Well, for now there is no way to open the encrypted files. As I mentioned earlier you have to pay through bitcoins in order to get the decryption code.
Safety measures :
- Use WhyCry
- Keep you Anti-Virus up to date.
- Create back up for the most important files either in a secured hard drive or in a secured cloud storage.
- Do not open any email attachments from unknown senders.
- Be careful while opening and downloading from any unknowing third party websites.
- Keep your Operating System up to date.
Stay safe with Ethical Overflow Team.😊 Share and help others