Remove GreyStars Virus – Restore Encrypted Files by the Ransomware

The Greystars virus is a dangerous malware threat that has been identified in a small attack campaign. It appears that it follows the behavior tactics of GanCrab and Sequre. Its ransomware engine uses a custom AES cipher in order to encrypt the target data.

Threat Summary

TypeRansomware, Cryptovirus
Short DescriptionThe ransomware encrypts sensitive information on your computer system with the [email protected] extensions and demands a ransom to be paid to allegedly recover them.
SymptomsThe ransomware will encrypt your files with a strong encryption algorithm.
Distribution MethodSpam Emails, Email Attachments
Detection Tool See If Your System Has Been Affected by Greystars

Malware Removal Tool

User ExperienceJoin Our Forum to Discuss Greystars.Data Recovery ToolWindows Data Recovery by Stellar Phoenix Notice! This product scans your drive sectors to recover lost files and it may not recover 100% of the encrypted files, but only few of them, depending on the situation and whether or not you have reformatted your drive.

Greystars Virus – Distribution Ways

The Greystars virus is distributed using the most common ranasomware spread tactics. The detected initial attack wave is limited in size and does not give out details about the primary method. We presume that the hackers may attempt to use multiple strategies at once.

A preferred method is the use of email spam messages that utilize various social engineering tricks. They attempt to coerce the target users into downloading and running the dangerous files. Using harvested text and graphics taken from well-known Internet services. As such the malware files can be either hyperlinked or attached to the email messages. They are also used to deliver payloads. Two popular examples are the following:

  • Software Installers — The Greystars virus can be embedded in application setup files. The criminals typically choose (Read more...)

*** This is a Security Bloggers Network syndicated blog from How to, Technology and PC Security Forum authored by Martin Beltov. Read the original post at: