BASS-FES Ransomware

BASS-FES (BitchASS File Encryption System) is a ransomware-type cyber threat that is based on the HiddenTear project. The virus uses AES cryptography and appends the .basslock file extension to the encrypted files. Then it drops a ransom note called “the BASS the File the Encryption the Service Notice.txt” on the affected computer’s desktop. The ransom payment is demanded in 1 BitCoin.

BASS-FES ransomware might also distribute its payload file on social media and file-sharing services. Freeware found on the Web can be presented as helpful while hiding the malicious script for the cryptovirus. Refrain from opening files right after you have downloaded them. You should first scan them with a security tool, while also checking their size and signatures for anything that seems out of the ordinary.

The ransom message appears after encryption is completed and reads as follows:

“File Recovery Notice by BitchASS File Encryption System (BASS-FES)
Your files have been successfully encrypted and backuped in the cloud storage by BASS File Encryption System.
If you want to recover your files, please send 1 BTC to the following adress:
18Cgi9ADqH9NsG6zqW2xEh7wl6dQM6Rvix
If you sent 1 BTC to the adress, email at bitchasshole@protonmail.com with your Bitcoin adress.”

You should NOT under any circumstances pay the ransom. Your files may not get restored, and nobody can guarantee that they will be. Plus, giving money to cybercriminals will likely motivate them to create more ransomware viruses or commit other crimes. We recommend using Max Total Security with “Max Crypto Monitor” to keep your PC safe and using its Data restore feature if something like this ever happens.

Cyber Security Predictions - 2018

The year 2018 will bring more connectivity, digital transformation initiatives, and data to companies, along with a number of new cybersecurity threats and landscape changes. The biggest areas that require extra attention are cloud computing and the internet of things, or IoT. The IoT includes the growing list of connected devices like smart thermostats, smart aquariums and smart light bulbs. Such electronics often come with security vulnerabilities that leave networks open to exploitation from hackers. For instance, hackers discovered a man-in-the-middle vulnerability in a smart refrigerator back in 2015 that granted them access to users’ Gmail accounts.

Once an IoT device gets synced with a laptop, smartphone or tablet, all of the data on those machines can be compromised. Unfortunately, many of the IoT devices being manufactured today rely on cheap electronics that are incapable of supporting the security protocols that have become standard in other mobile devices. Even if a product is designed to meet the latest security standards, most IoT devices aren’t set up to receive automatic updates, so they remain vulnerable to new types of malware.

Cybercriminals will use ransomware to shut down point of sale systems. Many merchants have updated their payment systems to use end-to-end encryption and prevent criminals from obtaining credit card data from point of sale (POS) systems. This has led criminals to turn to ransomware as a means of monetizing an attack, as opposed to stealing and selling data.

Cyber terrorism also poses a threat to all humanity since successful attacks on power grids could have deadly consequences if hospitals, subways and other public services get disrupted.

IT security skills are already in high demand, and the need for new IT professionals will continue to increase with the digital transformation. Unfortunately, there may not be enough talent to fill all of the new job openings. Various reports estimate that up to 3.5 million IT security jobs will be unfilled in 2021 due to a severe talent shortage.

Government agencies and business leaders must partner to recruit more young IT professionals, and universities will need to expand their curricula as data governance and AI technologies become more embedded into the fabric of society. Rather than maintaining a defensive approach to cyber security, the IT teams of the future could use artificial intelligence to predict threats before they arise, so machine learning and artificial intelligence will be applied more widely in threat detection.

Hacking Boeing 757

A US government official revealed that he and his team of IT experts remotely hacked into a Boeing 757 as it sat on the runway and were able to take control of its flight functions. Robert Hickey, a US Homeland Security cyber sleuth, managed to take over the passenger plane at Atlantic City International Airport in New Jersey.

He succeeded in accomplishing a remote, non-cooperative penetration, which means that nobody was touching the aeroplane and he was not an insider threat. He stood off using typical stuff that could get through security, and they were able to establish a presence on the systems of the aircraft. Mr Hickey said his team used a combination of radio frequency communications to hack into the craft, but that details of the breach remain classified.

There have been numerous car hacking attempts. Nothing is 100% safe in this world of the internet (including IoT), but keeping your devices and laptops as secure as possible, free from malware, spam and phishing, with a firewall and good detection from a good Total Security solution, is the closest you can get to being secure.

Foxy Ransomware

Foxy ransomware is a file-encrypting virus that is based on the source code of the infamous Hidden Tear ransomware. Just like any other crypto virus, this one is designed to encrypt the files on the victimized computer, lock its screen and demand a ransom for a decryption tool. After the malware finishes its job, it appends a .nightmare file extension to the corrupted files.

The Foxy file encoder Trojan is designed to apply a modified AES-256 cipher to the targeted data, which includes audio, video, images, text, databases and eBooks. The Foxy Ransomware is reported to run as ‘WindowsSoundDriver.exe’ and ‘Foxy – Rnsmwre.exe’ on compromised devices. Computer security experts note that the threat is designed to send the decryption key to its masters and delete the local Shadow Volume snapshots created by Windows, effectively limiting the user’s recovery options.
Cybersecurity experts say that the ransomware is distributed via a fake Windows Audio Driver, spam email attachments, corrupt or malicious scripts, embedded doc files, etc.

The Foxy Ransomware is classified as a mid-tier crypto-threat that should be removed using a reliable anti-malware tool such as Max Total Security. You can rebuild lost data by loading backups and copies from a cloud storage service (Dropbox, Google Drive, OneDrive, etc.) or Max Total Security Data back up.

WAFFLE Ransomware

Waffle Ransomware is a newly detected file encryption virus created by cyber criminals. It has been programmed with the sole motive of blackmailing victims. The Waffle Ransomware virus mostly spreads through spam emails, suspicious links, torrent or porn websites, peer-to-peer file sharing and many other tricks. This ransomware will find and encrypt all kinds of files on your system, such as texts, documents, media files, presentations, etc.
It asks users to pay a certain amount of money in exchange for the decryption key. However, users should know that most ransomware viruses do not restore users’ data completely even after payment.

These registry locations indicate the presence of Waffle ransomware on your PC:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmpeng.exe “Debugger” = ‘svchost.exe’

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msseces.exe “Debugger” = ‘svchost.exe’

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Waffle Ransomware

HKEY_LOCAL_MACHINE\SOFTWARE\

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “WarnOnHTTPSToHTTPRedirect” = ‘0’

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings “WarnOnHTTPSToHTTPRedirect” = ‘0’

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore “DisableSR” = ‘1’

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msascui.exe “Debugger” = ‘svchost.exe’

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “3948550101”

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “xas”

HKEY_CURRENT_USER\Software\Waffle Ransomware
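
One way to check a machine against the list above is to export the registry to text and scan the export offline. The following is an added example, not code from the original page or from any vendor tool: the function names and the sample export are constructed for illustration, the truncated `HKEY_LOCAL_MACHINE\SOFTWARE\` entry is skipped, and the numeric values are assumed to appear either as strings or as `dword:` data.

```python
import re
HKLM, HKCU = "HKEY_LOCAL_MACHINE", "HKEY_CURRENT_USER"
NT = HKLM + r"\SOFTWARE\Microsoft\Windows NT\CurrentVersion"
CV = r"\SOFTWARE\Microsoft\Windows\CurrentVersion"
# (key, value name, expected data) from the list above; None accepts any data.
VALUE_IOCS = [(NT + "\\Image File Execution Options\\" + exe, "Debugger", "svchost.exe")
              for exe in ("msmpeng.exe", "msseces.exe", "msascui.exe")] + [
    (HKCU + CV + r"\Internet Settings", "WarnOnHTTPSToHTTPRedirect", "0"),
    (HKLM + CV + r"\Internet Settings", "WarnOnHTTPSToHTTPRedirect", "0"),
    (NT + r"\SystemRestore", "DisableSR", "1"),
    (HKLM + CV + r"\Run", "3948550101", None),
    (HKCU + CV + r"\Run", "xas", None),
]
# Keys whose existence alone is listed as an indicator.
KEY_IOCS = [HKLM + CV + r"\Uninstall\Waffle Ransomware", HKCU + r"\Software\Waffle Ransomware"]

def _data(raw):  # dword:00000001 -> "1"; quoted strings are unquoted and unescaped
    raw = raw.strip()
    if raw.lower().startswith("dword:"):
        return str(int(raw[6:], 16))
    return raw.strip('"').replace("\\\\", "\\")

def scan_reg_export(text):
    """Return sorted indicator hits; data is compared by its last path component,
    so a Debugger value holding a full path to svchost.exe also matches."""
    want_vals = {(k.lower(), n.lower()): d for k, n, d in VALUE_IOCS}
    want_keys = {k.lower() for k in KEY_IOCS}
    hits, key = set(), None
    for line in map(str.strip, text.splitlines()):
        m = re.match(r'"([^"]*)"=(.*)$', line)
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            if key.lower() in want_keys:
                hits.add(key)
        elif key and m and (key.lower(), m.group(1).lower()) in want_vals:
            expected = want_vals[(key.lower(), m.group(1).lower())]
            got = _data(m.group(2)).lower().rsplit("\\", 1)[-1]
            if expected is None or got == expected:
                hits.add(key + "\\" + m.group(1))
    return sorted(hits)

# Constructed sample in .reg export syntax (not taken from a real infection).
SAMPLE = r'''Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmpeng.exe]
"Debugger"="C:\\Windows\\System32\\svchost.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"WarnOnHTTPSToHTTPRedirect"=dword:00000001
'''
```

Files written by `reg export` are UTF-16 encoded, so decode them (for example with `open(path, encoding="utf-16")`) before passing the text to `scan_reg_export`.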

If infected, you can use Max Total Security >Tools>Browser Fox to reset all browsers. Recover your lost data with the Max Total Security Data Back/Restore Tool and keep protection ON all the time. Happy surfing if you have Max Total Security on your PC.

Relock Ransomware

Relock ransomware is a file-encrypting virus that blocks access to your data and demands a ransom. The Relock Ransomware Trojan is classified as a mid-tier crypto-threat that uses secure cryptographic algorithms to make data unreadable and suggests that the user pay a ransom for access to the encrypted data. The developers of the Relock Ransomware weaponized open-source code and delivered the threat payload to users via spam emails.

This ransomware targets:
1. All Windows PCs: This virus can infect all versions of Windows, including Windows XP, Vista, 7, 8, 8.1 and the latest Windows 10.
2. Malicious code injection: This threat can corrupt your registry files and inject its malicious code into them so that it starts automatically on your machine without your permission.
3. Browser redirection: Relock Ransomware can also infect your web browser and cause unwanted web redirection. This threat can also bring other malware onto your PC.
4. Data corruption: Relock Ransomware is a PC threat that harms all of your system data. It can corrupt your files and programs. It can also cause a black screen of death on your computer.
5. Disabling security programs: This infection can also block your anti-virus and firewall programs to keep itself safe on your machine for longer.
6. Gathering sensitive data: It can also gather your secret and confidential information by using a keylogger and tracking your browsing habits. It can also put your privacy at risk by sharing your personal information with hackers.
7. Remote access (backdoor): Relock Ransomware can allow hackers to access your system remotely. It can make your system more vulnerable and expose your private data.

Data recovery options are significantly limited. It is recommended to scan with Max Total Security and use its Data back up and Recovery feature to recover your lost data.