BTCWare Ransomware Spotted Spreading through RDS


Security researcher Michael Gillespie has detected BTCWare ransomware spreading through RDS (Remote Desktop Services). Any weakly protected RDS installation becomes a target for cyber-criminals, who plant the ransomware manually. Once executed, the malware starts encrypting data on the infected PC.

At present, files encrypted by the virus can't be decrypted. The Shadow variant of BTCWare brings no considerable improvement or new feature; it simply encrypts data files using familiar cryptography. It does, however, use a new file extension for the files it locks: .[email]-id-id.shadow.

BTCWare targets the file types people use the most, such as multimedia, pictures, documents and similar content. After encryption completes, the ransomware produces the usual ransom message, which tells the victim to write to the cyber-criminals by e-mail.

The malware purveyors offer to unlock 3 files free of charge, merely to show victims that a Shadow decryptor exists. But there's no guarantee that the victim will get the decryption key after paying to unlock the rest of the files.

Users targeted by a ransomware attack are in a terrible situation if they didn't back up their data beforehand. But when the ransom message is displayed on-screen, people shouldn't act hastily: if an end-user does pay the ransom, usually in Bitcoins, it doesn't necessarily mean everything will be all right, since crooks then often don't bother to send the decryption key. Spyware posted this, December 4, 2017.

Thus, anybody hit by a Shadow ransomware attack must first remove the virus before recovering the data. To remove the ransomware, the computer must be scanned with an anti-virus program or other malware-cleaning software.
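For the recovery step, the extension described above can be used to inventory which files need restoring from backup. The Python below is an added example, not code from the article or the researcher; it assumes the pattern reads .[contact e-mail]-id-[victim ID].shadow with the brackets around the ID optional, and the sample paths, address and ID are constructed placeholders.

```python
import re
from collections import defaultdict
from pathlib import PureWindowsPath

# Assumed reading of the article's ".[email]-id-id.shadow": a bracketed contact
# address, the literal "-id-", a victim ID (brackets optional), then ".shadow".
SHADOW_RE = re.compile(
    r"^(?P<original>.+)\.\[(?P<email>[^\[\]\s]+@[^\[\]\s]+)\]"
    r"-id-\[?(?P<victim_id>[A-Za-z0-9]+)\]?\.shadow$",
    re.IGNORECASE,
)

def parse_shadow_name(path):
    """Return original name, contact address and ID, or None if no match."""
    match = SHADOW_RE.match(PureWindowsPath(path).name)
    if match is None:
        return None
    info = match.groupdict()
    info["email"] = info["email"].lower()  # group case variants of one address
    return info

def inventory(paths):
    """Map (contact address, victim ID) -> original paths to restore from backup."""
    affected = defaultdict(list)
    for path in paths:
        info = parse_shadow_name(path)
        if info:
            folder = PureWindowsPath(path).parent
            original = str(folder / info["original"])
            affected[(info["email"], info["victim_id"])].append(original)
    return dict(affected)

# Constructed sample listing; the address and ID are placeholders, not real indicators.
SAMPLE_PATHS = [
    r"C:\Users\alice\Documents\budget.xlsx.[contact@example.invalid]-id-A1B2.shadow",
    r"C:\Users\alice\Pictures\trip.jpg.[Contact@example.invalid]-id-[A1B2].shadow",
    r"C:\Users\alice\Documents\notes.shadow",  # ordinary file, must not match
    r"C:\Users\alice\Documents\report.docx",   # untouched file
]

if __name__ == "__main__":
    for (email, victim_id), originals in inventory(SAMPLE_PATHS).items():
        print(f"{email} / ID {victim_id}: {len(originals)} file(s) to restore")
        for original in originals:
            print("  ", original)
```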

Above all, it's better to take precautions than to resolve the problems that arise following an attack. Further, RDS connections must be strengthened and certain security tips followed, viz.:

- Not opening unrecognized e-mail attachments
- Verifying the sender's details and the problem mentioned in the e-mail before opening attached documents or archives
- Installing operating system and other software updates whenever they're released
- Avoiding illegal or untrusted shareware/freeware download sources
- Installing authorized security software, and
- Maintaining regular backups

» SPAMfighter News - 12/12/2017
