We have new ransomware Archiveus in the wild

Some AV vendors report about the new Trojan horse having ransomware characterics.

From the TrendMicro’s new TROJ_ARHIVEUS.A write-up:

This Trojan aims to extort money from the affected user by encrypting all the files located on the affected system’s My Documents folder. It does this by compressing the files into an image file and securing the said image file with a particular password. After the compressed image file has been created, this Trojan then deletes all the files located in the My Documents folder and in its subfolders.

It then leaves a ransom note on an affected system’s My Documents folder. The said ransom note informs the user that the files in the My Documents folder have been gathered and encrypted in a password-protected image file.

Symantec SSRC sees this thread as Trojan.Archiveus.

It was just last week when Troj/Ransom-A appeared. Maybe this is a new trend?

Some of readers remember SpywareNo from spyware side as well.


Comments are closed.