Zhong Ransomware Will Lock Your System
During a check of new malware samples, our team of researchers stumbled upon the Zhong ransomware.
This particular type of malware is used to encrypt data in order to extort a ransom from the victim. We tested Zhong on a machine and found that it encrypted files by adding a ".zhong" extension to their original names. For example, a file named "1.jpg" would become "1.jpg.zhong", and "2.png" would become "2.png.zhong".
In addition, a ransom note named "Restore.txt" was deposited onto the desktop. The note informed the victim that their files had been encrypted and that they had 48 hours to contact the attackers or risk having their stolen data exposed.
Table of Contents
Zhong Ransom Note Keeps to the Point
The full text of the brief Zhong ransom note reads as follows:
YOUR FILES ARE ENCRYPTED!!
Hello!
Your files have been encryptedand leaked by us!
You have 48 hours to contact us,
otherwise, your data will be merged into the public domain.
Contact us by mail:
zdarovachel@gmx.at
Spare Mail:
decryptydata2@gmx.net
How is Ransomware Like Zhong Spread Online?
Ransomware like Zhong can be spread through various methods online. One common way is through phishing emails that contain malicious links or attachments. These emails are designed to look legitimate and often trick the recipient into clicking on the link or downloading the attachment, which then installs the ransomware on their computer.
Another method is through exploiting vulnerabilities in software or operating systems. Ransomware attackers may use automated tools to scan for systems that are vulnerable to known exploits, and then use these vulnerabilities to install the ransomware.
Additionally, ransomware can be spread through malicious websites or compromised legitimate websites. These websites may contain exploit kits that can infect visitors with ransomware simply by visiting the site or clicking on a link.
In some cases, ransomware attackers may also use social engineering tactics, such as posing as technical support or offering free software downloads, to convince users to download and install the malware themselves.
What Are the Top Three Steps You Can Take to Safeguard Your Data Against Ransomware Attacks?
Safeguarding your data against ransomware attacks is crucial in protecting your personal or business information from being compromised or held for ransom. Here are the top three steps you can take to safeguard your data against ransomware attacks:
Regularly backup your data: The most effective way to protect your data from ransomware attacks is to have a backup of your important files and data. By regularly backing up your data to an external hard drive or cloud storage, you can quickly recover your data without paying the ransom if your computer is infected with ransomware.
Keep your software up to date: Ransomware attackers often exploit vulnerabilities in outdated software to install the malware on computers. By keeping your operating system and software up to date with the latest security patches, you can reduce the risk of being targeted by ransomware attacks.
Educate yourself and your employees: Educating yourself and your employees about ransomware attacks and how to avoid them is crucial in safeguarding your data. Train your employees on how to identify phishing emails, suspicious links or attachments, and how to report any suspicious activity. Regularly remind them to avoid opening emails or clicking on links from unknown sources.
