
Basilisque Ransomware

Posted: July 8, 2019

The Basilisque Ransomware is a file-locking Trojan that extorts money from its victims by blocking their digital media. The Basilisque Ransomware attacks leverage encryption that may not be reversible, and users should depend on rigorous backup strategies for counteracting any infections. You also may resolve infections that you've failed to prevent by having reputable anti-malware services uninstall the Basilisque Ransomware.

Wordplay with Trojans Leading into Worse Things

A string of attacks by a threat actor targeting victims with inadequate network security practices is at the forefront of what could be the latest version of the semi-obscure MegaLocker Ransomware. As is often the root of such issues, malware researchers rate the victims as the unwitting instigators, who either leave RDP settings available or use brute-forcible passwords and account names. These oversights can lead to, among other things, Basilisque Ransomware infections.

The Basilisque Ransomware blocks the contents of NAS, or network-attached storage, with an encryption routine based on AES-256 in CBC mode. Then, it renames the files with Base64 encoding and adds an extension with its e-mail address at the end. While malware experts can't rule out a chance of decryption by freeware tools, current solutions for the MegaLocker Ransomware family aren't compatible with unblocking the Basilisque Ransomware's hostage data.
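The renaming behavior described above gives defenders something to look for in a NAS file listing. The following triage sketch is an added example, not code from this article or from any vendor tool; it assumes a name layout of `<Base64 of the old name>.<text containing an e-mail address>`, which the article does not spell out, and the address `operator@example.com` and all sample names are constructed.

```python
import base64
import re

# Assumed layout, not confirmed by the article:
#   <Base64 of the old file name>.<text containing an e-mail address>
PATTERN = re.compile(
    r"^(?P<stem>[A-Za-z0-9+/_-]{4,}={0,2})\."
    r"(?P<ext>.*?(?P<email>[\w.+-]+@[\w-]+(?:\.[\w-]+)+).*)$"
)

def decode_stem(stem):
    """Return decoded text if stem is well-formed Base64 of printable UTF-8."""
    if len(stem) % 4:
        return None
    try:
        std = stem.replace("-", "+").replace("_", "/")  # accept URL-safe form
        text = base64.b64decode(std, validate=True).decode("utf-8")
    except ValueError:  # bad alphabet, bad padding, or not UTF-8
        return None
    return text if text and text.isprintable() else None

def triage(names):
    """Flag names whose stem decodes cleanly and whose suffix holds an e-mail."""
    hits = []
    for name in names:
        m = PATTERN.match(name)
        if not m:
            continue
        decoded = decode_stem(m.group("stem"))
        if decoded is not None:
            hits.append({"name": name, "decoded": decoded,
                         "contact": m.group("email")})
    return hits

def summarize(names, threshold=0.5):
    """Alert when the share of flagged names in a listing reaches threshold."""
    hits = triage(names)
    ratio = len(hits) / len(names) if names else 0.0
    return {"hits": hits, "ratio": ratio, "alert": ratio >= threshold}

def fake(name):
    # Builds a constructed sample name in the assumed layout.
    return base64.b64encode(name.encode()).decode() + ".operator@example.com"

# Constructed listing: two renamed files, one ordinary file, and one benign
# look-alike whose stem is Base64-shaped but does not decode to text.
SAMPLE = [fake("report.pdf"), fake("photo.jpg"), "notes.txt",
          "data.user@example.com"]

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

Requiring the stem to decode to printable text is what separates the renamed files from ordinary names that merely contain an e-mail address.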

The Basilisque Ransomware identifies itself by name in its Notepad ransom note. Although 'basilisque' appears French-like, it's not a legitimate word in that language and is, apparently, a play on words that references the mythological basilisk: a monster that turns victims into stone. Besides the appropriate choice of a title, the Basilisque Ransomware offers another detail that malware experts note as being less than commonplace: a warning that 'testing' the decryptor with small numbers of files will incur additional expenses, as opposed to paying the ransom for all content at once.

Lightening the Load on Your Data Storage

The Basilisque Ransomware attack scenarios that malware researchers can confirm suggest that the threat actor gains backdoor access to a target over a network and then runs the Basilisque Ransomware manually. Users should take care to turn Remote Desktop-based features off, use traditionally strong passwords, enable multi-factor authentication, and update software that has any remote code execution vulnerabilities. Although the Basilisque Ransomware uses English for its communications, its activity is notable in regions where English isn't the native language.

Backup storage can help users avoid any need for paying a threat actor's ransom for the unlocking or decryption service. Although criminals may provide the help that they promise, reciprocity isn't a guarantee, and victims may pay without getting anything in exchange. Besides securing portable or network storage, users may have some chance of recovering with advanced Shadow Volume Copy utilities in rare cases where the Trojan doesn't wipe the VSS.

Anti-malware products aren't decryptors and have no file-unlocking potential. However, they can delete the Basilisque Ransomware appropriately or quarantine it for delivering samples to the security industry for an in-depth analysis.

The Basilisque Ransomware's resemblance to the MegaLocker Ransomware is strong but, still, just one theory among multiple possibilities. Instead of praying that estimates will pay off with decryption, users should be saving their files securely before a Basilisque Ransomware attack strikes.
