Australian-AES Ransomware
The Australian-AES Ransomware is a file-locking Trojan that can encrypt your documents and other media with an AES-based cipher and display a threatening pop-up. The users can regain their files through several methods if backups are unavailable, although most users should keep additional copies of their work for general safety. Let your anti-malware tools uninstall the Australian-AES Ransomware from your computer on an as-needed basis for preventing any further attacks or UI issues.
Trojans Down under with a Surprising Failsafe
File-blocking Trojans are far from new to Australia, and any interested readers could follow news of similar threats like the campaigns of the Enc1 Ransomwar or the kit-based CryptoLocker. What is new, however, is one that offers a hidden but free way of recovering your files, assuming that you don't panic. Victims of the Australian-AES Ransomware's attacks, therefore, may be grateful that they haven't suffered under the hands of a more-secure competitor – such as most of the RaaS industry.
The Australian-AES Ransomware conducts some of the basic attacks that one might see through any of its competition: encrypting the user's media formats of files with AES and creating a ransom message (in this case, through an interactive HTA pop-up). The Australian-AES Ransomware even imitates the Jigsaw Ransomware with a built-in 'countdown' for the loss of your data. However, malware researchers can confirm that letting this timer reach zero doesn't delete your files – it begins the decryption process for free.
The threat actor also, generously, includes a shortcut (Alt + M) for loading the decryptor for anyone who doesn't want to wait. This key combination has no references to it in the ransom note, which asks for Bitcoins, supposedly, for charity. The wallet's transaction history is empty, and malware researchers, as always, recommend keeping it in that condition.
What Happens When You're Too Hasty about Fighting a Trojan
The most threatening element of the Australian-AES Ransomware, much like its odd unlocking assistance, is a fact that is unmentioned in its pop-up window. This file-blocking Trojan doesn't preserve its decryption key, although it retains it in memory while the program is running. If it closes, for example, or if the user reboots, then the code is lost and unlocking your files could be impossible.
The users could choose one of the two decryption triggers that malware experts note in current releases, or, ideally, use a backup after disinfecting their PCs. While the Australian-AES Ransomware makes special dispensations for Australian victims, its encryption is compatible with most Windows users' systems. Traditional anti-malware products include means of removing the Australian-AES Ransomware, and other file-locking Trojans, relatively straightforwardly.
The Australian-AES Ransomware offers a scarce hope for anyone willing to research what's attacking their computers, but also provides downsides one might not expect. Anticipating the dangers of going on the offense is an element of securing your PC that everyone should remember.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.