Losers ransomware

Losers ransomware is a recently discovered file-encrypting malware that uses a sophisticated encoding algorithm to lock various types of files stored on the affected computer. In order to prevent users from opening and using files, crypto-malware appends .losers file extension. Malware executable has been noticed spreading via free DVD burning software called Burn4Free. However, other distribution channels might be used as well. Apart from encrypting files, Losers might also create several system changes, modify Windows Registry, create new files or download other malicious content. It might use lots of RAM and CPU too. Thus, the computer becomes sluggish, programs might not work properly, and browser might open suspicious websites.

Just like other ransomware-type infections, Losers malware also delivers data recovery instructions and demands to pay the ransom. Currently, the virus downloads the HOWTODECRYPTFILES.txt file. Once the malicious Losers ransomware payloads are on the computer, it initiates the infection process. The ransomware ensures its sustainable presence on the PC by creating files and accessing different system libraries that allow it to perform various functions. The Losers ransomware associated files may plague essential Windows OS folders like:

%Temp%
%AppData%
%Windows%
%Local%
%Roaming%

Afterward, it initiates scanning process and encrypts all files set as its target utilizing the AES-256 encryption algorithm. The encrypted files are marked with the malicious extension .losers at the end of their names. Crypto viruses like Losers usually target commonly used and important file types – various multimedia files (audio, video, and photos), backup images, configuration files, office documents and more. Some of the captured samples were shown to encrypt a generic list of file type extensions.

The note of the Losers ransomware states that your files are encrypted and a ransom of 500 US dollars in the Bitcoin cryptocurrency should be paid to retrieve the decryption key. However, it is better to avoid any payments to criminals and try to recover encrypted files via alternative methods such as recovering from back up provided in total security products such as Max Total Security. There is no guarantee that criminals will send a working solution after the payment is transferred.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>