ANAMI Ransomware

Posted: February 12, 2019

The ANAMI Ransomware is a new version of the Globe Imposter 2.0 Ransomware. Like its relatives, this file-locking Trojan can encrypt files securely so that they will not open, change their extensions, delete the System Restore Points and create ransom messages. Backups may be your only recovery option after an attack, but most anti-malware products have excellent rates of detecting and deleting the ANAMI Ransomware and its fellow Trojans.

Imposters Coming Back for More Ransoms

Copycat behavior amongst file-locker Trojans is an epidemic that, to the surprise of some users, can harm their victims as much as any competing criminals. Symptoms that visibly resemble those of unrelated threat families can lead to mistaken conclusions about the best solutions and precautions for a class of Trojan that is capable of enciphering and deleting data in a multitude of ways. As a result, Windows users should stay alert to new imitators like the ANAMI Ransomware, a part of the latest version of the Globe Imposter Ransomware's family.

The Globe Imposter Ransomware has encrypted data securely since at least its 2.0 build, which includes some additional changes to its payload that malware experts are confirming in the ANAMI Ransomware. The threat encrypts media on the PC, such as documents or pictures, and adds its customizable extension ('ANAMI!') to set itself apart from any rival Trojans. The directory hosting the blocked content also receives a local Web page that delivers the ANAMI Ransomware's ransom demands for an unlocker.

The ANAMI Ransomware's family will usually delete the Shadow Volume Copies along with encrypting the original content. This precaution denies the use of the System Restore Points for recovering any data and leaves victims with highly limited 'unlocking' options. This feature also carries through to relatives like the '.Gif File Extension' Ransomware, the '.SKUNK File Extension' Ransomware, the dream_dealer@aol.com Ransomware and the Ox4444 Ransomware. Malware experts strongly recommend backing up work regularly to another PC or storage device to circumvent it.
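For responders scoping an incident, the symptoms described above (the appended 'ANAMI!' extension, a Web page dropped beside the locked files) and the backup advice can be combined into one triage pass. The following is an added example, not code from the original article or from any vendor tool; it assumes the extension is appended as `.ANAMI!`, treats any HTML file in an affected directory as a candidate ransom note because the article does not name the note file, and uses constructed sample file names.

```python
import os
import tempfile
from datetime import datetime, timezone

LOCKED_SUFFIX = ".anami!"          # assumption: 'ANAMI!' is appended as a dot extension
NOTE_SUFFIXES = (".html", ".htm")  # note is "a local Web page"; its file name is not given

def original_name(name):
    """Strip the appended extension so the file can be matched against a backup."""
    return name[:-len(LOCKED_SUFFIX)] if name.lower().endswith(LOCKED_SUFFIX) else name

def scope_damage(root):
    """Map each affected directory to its locked files, candidate notes and first hit time."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        locked = sorted(f for f in files if f.lower().endswith(LOCKED_SUFFIX))
        if not locked:
            continue
        first = min(os.path.getmtime(os.path.join(dirpath, f)) for f in locked)
        report[dirpath] = {
            "locked": locked,
            "notes": sorted(f for f in files if f.lower().endswith(NOTE_SUFFIXES)),
            "first_seen": datetime.fromtimestamp(first, tz=timezone.utc),
        }
    return report

def missing_from_backup(report, root, backup_root):
    """Return original relative paths of locked files with no copy under backup_root."""
    missing = []
    for dirpath, info in report.items():
        rel = os.path.relpath(dirpath, root)
        for name in info["locked"]:
            wanted = os.path.normpath(os.path.join(rel, original_name(name)))
            if not os.path.isfile(os.path.join(backup_root, wanted)):
                missing.append(wanted)
    return sorted(missing)

if __name__ == "__main__":
    # Constructed sample tree (all names invented): two locked files, one note, one backup copy.
    with tempfile.TemporaryDirectory() as tmp:
        for rel in ("live/docs/report.docx.ANAMI!", "live/docs/photo.jpg.ANAMI!",
                    "live/docs/note.html", "backup/docs/report.docx"):
            path = os.path.join(tmp, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            open(path, "w").close()
        live, backup = os.path.join(tmp, "live"), os.path.join(tmp, "backup")
        report = scope_damage(live)
        for d, info in report.items():
            print(d, len(info["locked"]), "locked; notes:", info["notes"])
        print("no backup copy:", missing_from_backup(report, live, backup))
```

The `first_seen` value is the earliest modification time among the locked files in a directory, which gives an approximate start point for the incident timeline.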

Keeping Imposters Far from Your Digital Doorstep

Without a free decryption program, which currently does not exist, the victims' best strategies for adapting to the ANAMI Ransomware's campaign all involve preventing infections. Some useful behaviors for Windows users (this family is Windows-specific) include:

  • Avoid using any passwords that are vulnerable to being brute-forced, including short and simple ones, as well as factory defaults.
  • Disable JavaScript, Flash, and Java in your browser to keep exploit kit-based attacks minimal.
  • Install all security patches whenever they're available, since most infection vectors use patchable vulnerabilities.
  • Be especially careful around e-mail attachments and file-sharing networks, which form a significant portion of the platforms for the disguised installers of file-locking Trojans.

Anti-malware services can delete the ANAMI Ransomware easily and should always be the preferred means of disinfection, especially since remote attackers tend to drop additional threats after acquiring system access.

Regardless of how many new versions of this family appear, programs like the ANAMI Ransomware remain safe from free decryptors so long as their keys are secure. Windows users hoping that a Trojan's aftereffects are reversible will, as usual, find themselves unhappily surprised.