Home Malware Programs Ransomware notopen@cock.li Ransomware

notopen@cock.li Ransomware

Posted: September 18, 2018

The notopen@cock.li Ransomware is a file-locker Trojan from the Everbe Ransomware family. Its attacks can block files in different locations on your computer by encoding them with a potentially unbreakable encryption standard. Always back up your work for its protection against these infections and use anti-malware programs for safely deleting the notopen@cock.li Ransomware and halting the media damage.

The Trojans that are Ever a Problem for Users with No Backups

PC users who don't believe in backing up their work every once in a while are becoming targets for a new version of the small Everbe Ransomware family, which has undergone meaningful shifts in its file-locking mechanisms while being the baseline for variants like the Embrace Ransomware, the Hyena Locker Ransomware, the PainLocker Ransomware, the Thunder Ransomware, and the notopen@cock.li Ransomware. That last Trojan also is the newest, with live victims on record, although malware researchers have yet to determine how it's circulating.

Archetypal attacks for introducing file-locker Trojans to new PCs include spam e-mails, often with attachments pretending that they're financial records or brute-force attacks that can crack logins and grant a remote attacker the equivalent of a backdoor for establishing admin-level control. The notopen@cock.li Ransomware, like other versions of the Everbe Ransomware, is minimal relatively and doesn't create a sophisticated UI or change the desktop. However, it does block files by encoding them with a secure encryption algorithm (as of the 2.0 release of this family).

Every encrypted file has an appended e-mail address and extension, although the notopen@cock.li Ransomware doesn't remove any already-existing one (for example, 'rabbit.jpg' becomes 'rabbit.jpg.[notopen@cock.li.NOT_OPEN'). The Trojan also creates a Notepad TXT file on the desktop that provides the ransoming instructions for the decryption service. Since the notopen@cock.li Ransomware uses a custom decryption key per victim, malware experts can't recommend a decryption solution freely for this threat and advise having backups as a preferable solution to paying the ransom.

Don't Leave Your PC Too Open to Criminals' Programs

The notopen@cock.li Ransomware's installer takes up less than a megabyte of space. Its encryption routine is minimalist equally and can encode and lock Word or PDF documents, Excel spreadsheets, JPG or GIF pictures, and other media in a matter of seconds, and throughout multiple directories. Besides its' being a Windows-only application, malware experts can do little to narrow down the list of potential victims for the notopen@cock.li Ransomware, but for-profit businesses and servers without suitably strong logins are at high risk.

Having security tools for scanning unexpected or risky downloads, especially from e-mails, can intercept infection attempts by threat actors, who may be tricking the victims with fake invoices, news articles or office messages. Users also should disable features like RDP, Word's document macros, and their Web browsers' JavaScript routinely, for some notable examples. As long as their security software is up to date and active, quarantining the notopen@cock.li Ransomware should happen automatically, before the file-locking feature can encode any content.

File-locker Trojans like the notopen@cock.li Ransomware are becoming the norm for their underground industry, which profits by taking advantage of people with lax data storage standards and implementing quick-but-secure encryption routines. The sooner more people back up their files, the sooner Trojans like the notopen@cock.li Ransomware and the rest of its family can go out of business.

Loading...