Home Malware Programs Ransomware Hyena Locker Ransomware

Hyena Locker Ransomware

Posted: July 17, 2018

The Hyena Locker Ransomware is a file-locking Trojan that can keep your documents, movies, and additional media from opening by encrypting their internal file data. Due to the lack of decryption solutions for the Hyena Locker Ransomware's family, the Everbe@airmail.cc Ransomware, users depend on backups for restoring this locked content. Ideally, your anti-malware software should identify and remove the Hyena Locker Ransomware automatically and prevent any initial or further encryption from happening.

Ever the Problem with not Taking Care of Your Files

It's one of the smallest families of file-locker Trojans, but the Everbe@airmail.cc Ransomware and variants of it represent a more-secure method of extortion than that of competitors like the Jigsaw Ransomware or Hidden Tear. Releases from this family use a currently-unbroken encryption technique, meaning that new versions, such as the Hyena Locker Ransomware, can keep the victim's work and recreational media imprisoned permanently and automatically. While these attacks extort money, as a rule, malware experts aren't confirming the Hyena Locker Ransomware's current price for the compatible decryption service.

The Hyena Locker Ransomware encrypts the user's data in Windows environments, and can target various formats of files that aren't critical to the operating system's regular operations, such as the Microsoft Office content (XLS, DOC, PPTX, etc.), Adobe PDF documents, pictures (JPG, GIF, BMP) and others. Besides the injecting of additional file markers into the bodies of the locked media, malware experts also are verifying the Hyena Locker Ransomware's use of a new extension ('example.jpg[hyena@rape.lol].HYENA') for helping the victims note what's unusable.

Once it finishes this AES or DES encryption method, the Hyena Locker Ransomware also creates a ransoming message in the Notepad's TXT format dynamically. The threat actors give their victims an ID number, e-mail addresses for negotiating, and an offer of a free decrypting 'sample' for three files. No price information is available for this version of the Everbe@airmail.cc Ransomware, although all users should be cautious about paying Bitcoins, vouchers, or other currencies that offer strict limitations on refunding for hoaxes.

Keeping the Hyena Locker Ransomware from Laughing Its Way to the Top

All members of the Hyena Locker Ransomware's family, including the Evil Locker Ransomware, the PainLocker Ransomware, and the Embrace Ransomware, differ through their aesthetic changes to the extensions and ransoming messages in use predominantly. However, the encryption routines are, so far, equally unbreakable in all of them, which is a trait that malware experts don't rate as being unique to this group of file-locker Trojans. Windows users can protect their files from permanent encryption by saving spares to traditionally-secure locations, such as a detached USB device or a password-protected cloud account.

The majority of file-locker Trojans favor one of two infection techniques, only one of which requires the unintentional consent of the victim. E-mail attachments using various disguises or document-embedded and corrupted content are standard download-and-install mechanisms for threats like the Hyena Locker Ransomware. Otherwise, criminals could introduce the Trojan to the system manually after breaking name and password combinations via brute-force software. Using traditional anti-malware programs for removing the Hyena Locker Ransomware can prevent these attacks, in conjunction with having careful password management habits.

Recent activity from the Hyena Locker Ransomware's family makes it apparent that Ransomware-as-a-Service is competing on equal grounds with freeware equivalents like Utku Sen's Hidden Tear. Since its capacity for file damage is under no more restraints than the author's imagination, all Windows users should concentrate on preventing the Hyena Locker Ransomware infections from happening at all.

Loading...