The Greystars virus is a dangerous malware threat that has been identified in a small attack campaign. It appears to follow the behavior patterns of GandCrab and Sequre. Its ransomware engine uses a custom AES cipher to encrypt the target data.
| Short Description | The ransomware encrypts sensitive information on your computer system with the [email protected] extensions and demands a ransom to be paid to allegedly recover them. |
| Symptoms | The ransomware will encrypt your files with a strong encryption algorithm. |
| Distribution Method | Spam Emails, Email Attachments |
Greystars Virus – Distribution Ways
The Greystars virus is distributed using the most common ransomware spread tactics. The detected initial attack wave is limited in size and does not reveal which method is the primary one. We presume that the hackers may attempt to use multiple strategies at once.
A preferred method is the use of email spam messages that utilize various social engineering tricks. They attempt to coerce the target users into downloading and running the dangerous files, using text and graphics harvested from well-known Internet services. The malware files can be either hyperlinked or attached to the email messages. The messages are also used to deliver payloads. Two popular examples are the following:
- Software Installers — The Greystars virus can be embedded in application setup files. The criminals typically choose (Read more...)
*** This is a Security Bloggers Network syndicated blog from How to, Technology and PC Security Forum authored by Martin Beltov. Read the original post at: https://sensorstechforum.com/remove-greystars-virus-restore-encrypted-files-ransomware/