Spamhaus Ransomware

Posted: April 16, 2013

Threat Metric

The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to give every identifiable malware threat. Our Threat Meter includes several criteria based off of specific malware threats to value their severity, reach and volume. The Threat Meter is able to give you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count, Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic breakdown of how all threats are ranked within our own extensive malware database. The scoring for each specific malware threat can be easily compared to other emerging threats to draw a contrast in its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to remove a threat or pursue additional analytical research for all types of computer users.

The following fields listed on the Threat Meter containing a specific value, are explained in detail below:

Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.

Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.

Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.

Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.

% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.

Threat Level:	2/10
Infected PCs:	44

First Seen:	April 16, 2013
OS(es) Affected:	Windows

The Spamhaus Ransomware is a Trojan that generates a fake legal warning that claims to have locked your computer on account of its distribution (either willingly or accidentally) of malware. The truth behind these attacks is that the Spamhaus Ransomware actually isn't affiliated with Spamhaus – a legitimate anti-spam organization – and will lock your computer even if the Spamhaus Ransomware, itself is the only kind of malware that's on your hard drive. Even though, compared to a typical Police Trojan, the Spamhaus Ransomware uses a different kind of pop-up warning, The Spamhaus Ransomware still is malicious, and SpywareRemove.com malware analysts highlight that its ransoms never should be paid. Anti-malware products may remove the Spamhaus Ransomware safely and avoiding the Spamhaus Ransomware's lockdown can be done with the standard security techniques that are described in this article.

Why a Name Isn't Everything in the War Against Spam

Although the Spamhaus Ransomware doesn't make any direct reference to the local police of any region, more effort appears to have been put into the design of the Spamhaus Ransomware's fake alert than that of the standard Police Ransomware Trojan. The Spamhaus Ransomware's pop-up warning conforms to the basic aesthetics of the Spamhaus website and also includes a mention of the American Patriot Act, another reference to the Spamhaus's XBL Advisory (a list of spam attack sources), and even a timer that counts down until you pay its ransom. However, these details don't make the Spamhaus Ransomware any less illegal than the Spamhaus Ransomware is by default, and SpywareRemove.com malware experts emphasize that the real Spamhaus has denounced the Spamhaus Ransomware explicitly.

The Spamhaus Ransomware locks your computer with its pop-up under the pretense of preventing you from distributing malware, spam and comparable PC threats, but it's important to understand that the Spamhaus Ransomware's attacks take place even if your computer is, otherwise, completely healthy. Neither is there any reason to take the Spamhaus Ransomware's MoneyPak ransom demands or its ominous countdown timer seriously.

Currently, SpywareRemove.com malware researchers are unable to confirm the means by which Spamhaus Ransomware infects new computers, but, in general, online exploit kits that are hosted on hacked websites are one of the most probable sources of infection by ransomware-based Trojans.

Taking Your Computer Back from the Fake Anti-Spam Authorities

Given its choice of legal citations, the Spamhaus Ransomware's attacks appear to be pointed at US residents, but the Spamhaus Ransomware and similar PC threats also may prove equally inconvenient to PCs in other countries. Compatibility for Windows PCs has been verified, but whether or not the Spamhaus Ransomware is a viable threat against Linux, Mac or other brands of OSes remains under investigation.

While Spamhaus Ransomware wouldn't want you to be aware of this, any ransomware-based lockdown like the pamhaus Ransomware's pop-up lock can be unlocked without paying the associated 'fine.' Instead, just disable the Spamhaus Ransomware by booting in Safe Mode, which is available to all Windows computers by default. If Safe Mode is inaccessible or fails at disabling all PC threats, SpywareRemove.com malware experts also suggest loading a backup OS from any peripheral drive.

With the Spamhaus Ransomware and its pop-up disabled, deleting the Spamhaus Ransomware should not be difficult, as long as you use suitable anti-malware programs to be certain of disinfecting your computer entirely.

Technical Details

Additional Information

The following messages's were detected:

#	Message
1	Spamhaus online agent v. 2.0.8 The Spamhaus project Working to Protect Networks Wordwide You have 48 hours left to enter your payment. You have lost control over your computer. Your system and all your files has been blocked and encrypted because you were spreading the Malware (viruses, Trojans, worms). You are breaking numerous International and USA laws.