
Bizer Ransomware

Posted: December 28, 2018

The Bizer Ransomware is a variant of the Dharma Ransomware, a branch of the Crysis Ransomware family. File-locking Trojans from this group can block your files by encrypting them, make changes to their names, show ransoming pop-ups, and wipe some formats of backup data. Having a backup on another device will protect your files from any permanent damage, and most anti-malware programs should remove the Bizer Ransomware immediately.

Reading Documents is Getting Threatening

The profitable Ransomware-as-a-Service family of the Crysis Ransomware is showing another variant for the end of 2018. The Bizer Ransomware is, like most versions of the family for the year, a new release from the Dharma Ransomware sub-grouping of the RaaS business. Its attacks show few edits, but malware researchers do rank one part of the Bizer Ransomware as notable: the label it uses to hide on Windows PCs.

The Bizer Ransomware uses the semi-novel pretense of being an XML document-viewing program, either for tricking a victim into opening its executable or for hiding the file after a separate threat downloads it. However, the lack of a digital signature and the seemingly-random characters in the rest of its copyright credentials make it possible that the threat actors are placing little faith in the disguise for maximizing their installations per breach. Like the other versions of the Dharma Ransomware, such as the 'newsantaclaus@aol.com' Ransomware, the '.Bear File Extension' Ransomware, the btc@fros.cc Ransomware, or the Arrow Ransomware, the Bizer Ransomware is Windows-based.

The Bizer Ransomware's attacks encrypt the user's media, such as documents, pictures, and similar data, locking each file, and additionally tag the files' names with the 'bizer' extension. Malware experts see no other unusual changes with the Bizer Ransomware, besides the update to its e-mail address that's typical for Ransomware-as-a-Service campaigns. Related security issues also include:

  • The Bizer Ransomware may reboot the PC before displaying a pop-up ransoming message, such as a Notepad file or advanced Web page.
  • The Bizer Ransomware may wipe the Windows Shadow Volume Copies and prevent the users from recovering their files through a Restore Point.

Preventing Network Catastrophes with a Few, Easy Steps

The Bizer Ransomware's campaign is very likely targeting business sector networks with out-of-date software or brute-force-vulnerable login credentials. Updating software appropriately, using unique and complex logins, and keeping unused ports closed will limit most of the vulnerabilities involved in such attacks. If its document reader-based disguise is part of a downloading tactic, the victims can avoid it by ignoring download resources, such as torrents, from unsafe sources or by scanning the files before opening them.

The Bizer Ransomware's encryption feature can include locations other than the infected PC's local drives, such as mapped and even non-mapped network shares, along with removable devices. Isolate a compromised PC appropriately and avoid sharing removable drive-based devices until after complete disinfection. Although decryption is impractical, a majority of anti-malware products can delete the Bizer Ransomware without encountering any problems.
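Because the encryption can reach network shares and removable devices, it helps to scope which locations hold renamed files before restoring from backup. The following is an added example, not code from the original page: it walks the given roots, counts files ending in the 'bizer' extension per directory, and reports the oldest and newest modification times among them. It assumes the extension is the final suffix of the file name and that the timestamps were not altered; the function names and the sample tree are constructed for illustration.

```python
import os
import tempfile
from collections import defaultdict

MARKER = ".bizer"  # extension named on this page; assumed to be the final suffix


def scope_damage(roots, marker=MARKER):
    """Walk each root and summarize files whose name ends with the marker."""
    per_dir = defaultdict(int)
    unreadable = []          # paths that could not be listed or stat'ed
    first = last = None      # oldest / newest mtime among marked files
    for root in roots:
        walker = os.walk(root, onerror=lambda e: unreadable.append(e.filename))
        for dirpath, _dirs, files in walker:
            for name in files:
                if not name.lower().endswith(marker):
                    continue
                path = os.path.join(dirpath, name)
                try:
                    mtime = os.stat(path).st_mtime
                except OSError:
                    unreadable.append(path)
                    continue
                per_dir[dirpath] += 1
                first = mtime if first is None else min(first, mtime)
                last = mtime if last is None else max(last, mtime)
    return {"total": sum(per_dir.values()), "per_dir": dict(per_dir),
            "first": first, "last": last, "unreadable": unreadable}


def demo():
    """Constructed sample tree: two renamed files and one untouched file."""
    samples = (("report.docx.bizer", 1545955200),
               ("photo.jpg.BIZER", 1545955800),
               ("notes.txt", 1545950000))
    with tempfile.TemporaryDirectory() as tmp:
        docs = os.path.join(tmp, "share", "docs")
        os.makedirs(docs)
        for name, ts in samples:
            path = os.path.join(docs, name)
            open(path, "wb").close()
            os.utime(path, (ts, ts))
        return scope_damage([tmp])


if __name__ == "__main__":
    print(demo())
```

Run it against a share or removable drive from a clean system; directories listed under `unreadable` still need a manual check.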

The days of the Dharma Ransomware are far from done, even as 2018 draws to a close. The Bizer Ransomware and other, equally new campaigns call for updating both network security solutions and backups unless you care to risk a lockdown on their contents.
