Zorro Ransomware

Zorro is a new file-encrypting malware that uses symmetric cryptography. Once it has infiltrated a system, this malware encrypts files and appends the “.zorro” extension to the name of each compromised file. For example, “sample.jpg” is renamed to “sample.jpg.zorro”. Zorro then creates a text file [“Take_Seriously (Your saving grace).txt”], placing it on the desktop wallpaper.

The most likely way to get infected with Zorro is through email spam. The crooks behind the virus rely on sending out malicious emails. These emails are disguised to look as if they were sent by a legitimate company such as Amazon, PayPal, BestBuy or a similar entity. The goal of Zorro is to take over your computer and lock its important files. The virus targets audio files, documents, project files, images, music, game saves, and just about everything else that has the potential to be valuable to the user. The files are locked by an encryption process.

The best bet to recover your files is to restore from backup and to keep an updated version of Max Total Security on your PC.

Damage Ransomware

Damage ransomware was spotted at the end of February 2017. It appears to be file-encrypting ransomware that enters the victim's computer system using tricky methods, then runs a scanner that detects target file types and encrypts all of these files with a cryptographic algorithm. Such damage to data is very dangerous because the files usually cannot be restored without a special decryption key, which the criminals send out to their secret servers.
The virus adds the .damage file extension to encrypted files and creates a ransom note[3] called damage@india.com[random chars].txt. It seems to be one of the many ransomware viruses that provide an email address and invite the victim to get in touch with the criminals via email.
Infections are initiated mainly through direct hacking attempts. Damage ransomware attempts to intrude into target servers by using RDP (Remote Desktop Protocol) attacks and exploiting various weaknesses in an automated way.
The RDP intrusions are done by using an IP scanner to check whether the standard port 3389 is available and whether a service is open on it.

Other ways to distribute the malware include the following:

Email Spam Campaigns – The hackers use email spam messages to spread the viruses either in hyperlinks or directly attach them to the messages. In recent times the hackers use many different kinds of social engineering tactics.
Software Installers – Infected bundle installers are often used to spread dangerous viruses. They are often found on illegal download sites and BitTorrent trackers.
Malicious Redirects – All sorts of browser hijackers and malicious redirects are used to deliver virus executables to the victims.
To avoid such malware infections:
Follow better anti-spam measures – don’t download shady attachments
Don’t give your email to sites with pirated content
Never install suspicious ZIP or RAR files from spammed emails
Get an anti-malware tool, preferably one with a backup feature, like Max Total Security.
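
One way to inventory a file tree for the file-name indicators described above for both families (the .zorro and .damage extensions and the two ransom-note names), as an added example that is not part of the original page. The function names and sample files are constructed for illustration, and the position of the random characters in the Damage note name (between "damage@india.com" and ".txt") is an assumption.

```python
import os
import re
import tempfile

# Indicators taken from the descriptions above.
ENCRYPTED_EXT = {".zorro": "Zorro", ".damage": "Damage"}
NOTE_PATTERNS = {
    "Zorro": re.compile(r"Take_Seriously \(Your saving grace\)\.txt", re.I),
    # Assumption: the random characters sit between the address and ".txt".
    "Damage": re.compile(r"damage@india\.com.*\.txt", re.I),
}

def classify(filename):
    """Return (family, kind, original_name) or None if nothing matches."""
    for family, pattern in NOTE_PATTERNS.items():
        if pattern.fullmatch(filename):
            return family, "ransom_note", None
    stem, ext = os.path.splitext(filename)
    family = ENCRYPTED_EXT.get(ext.lower())
    if family and stem:
        # The extension is appended, so stripping it gives the original name.
        return family, "encrypted_file", stem
    return None

def scan(root):
    """Walk root; return {family: {"ransom_note": [...], "encrypted_file": [...]}}."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            hit = classify(name)
            if hit is None:
                continue
            family, kind, original = hit
            entry = report.setdefault(family, {"ransom_note": [], "encrypted_file": []})
            path = os.path.join(dirpath, name)
            # For encrypted files keep the original name to match against backups.
            entry[kind].append((path, original) if original else path)
    return report

def build_sample_tree(root):
    """Constructed sample data: empty files named as the page describes."""
    for name in ["sample.jpg.zorro", "notes.txt", "db.bak.damage",
                 "Take_Seriously (Your saving grace).txt",
                 "damage@india.comA1B2C3.txt"]:
        open(os.path.join(root, name), "w").close()

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for family, hits in sorted(scan(tmp).items()):
            print(family, {kind: len(found) for kind, found in hits.items()})
```

The match is on file names only, so a hit is a prompt to check the file against a backup copy, not proof that it was encrypted.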