Usually most of the ransomware variants encrypt files and create a file containing a ransom note. It is because of this type of threat that it is recommended to have a backup copy of the data and save it on a remote server or on a disconnected storage device and that is how we will talk about this new Ransomware called Night Sky.

The authors of this class of threats often use Trojans, emails, fake software updaters, software decryption tools, and unreliable sources to download files and programs as ransomware distribution channels. Your emails contain malicious links or attachments. The purpose of these emails is to trick recipients into opening malicious files.

Examples of untrustworthy sources for downloading files and programs are unofficial web pages, various third party downloaders, peer-to-peer networks, free file hosting sites. Users cause computer infections when they open malicious downloaded files.

Night Sky encrypts and modifies file names by adding the “.nightsky” extension. For example, rename “1.jpg” to “1.jpg.nightsky”. Furthermore, it creates “NightSkyReadMe.hta” file that displays a pop-up window containing a ransom note. It should be noted that these criminals should not be trusted as they usually do not return the stolen information even if you pay them.

Always download files and software from official pages and use direct download links. Do not open files (attachments) and links to web pages in emails sent from unknown or suspicious addresses. Remember, these emails are often irrelevant and disguised as important and urgent emails from legitimate entities.


Deja un comentario

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *