[2016-04-01] Rokku Ransomware Uses QR Codes to Help You Pay for Your Files

[Scream]

"Rokku is the work of an attentive malware developer"

First and foremost, Rokku makes sure to delete shadow volume copies from your hard drive, so backup software won't be able to recover non-encrypted versions of your files. If you have backups stored offline, then you can restore them from that source, but with no shadow volume copies, recovering them from the same hard drive is technically impossible.

At the end of the encryption process, the ransomware drops its ransom notes, which are a text and an HTML file. Rokku's author attention to details can be seen in the HTML ransom note, which offers a Google Translate widget so users can translate the ransom note to their own language.

http://news.softpedia.com/news/rokku-ransomware-uses-qr-codes-to-help-you-pay-for-your-files-502446.shtml

[1715298084]

1715298084

[1715298084]

1715298084

[1715298084]

1715298084

[1715298084]

1715298084

[a7mos]

Those ransomwares are big threat for bitcoin reputation. And their developers are making it smarter and user friendly ! What a joke :/

[Hazir]

Those ransomwares are big threat for uᴉoɔʇᴉq reputation. And their developers are making it smarter and user friendly ! What a joke :/

My thoughts exactly. This bullshit need to stop now. Ransomware is the most problematic disease I came across since I am using bitcoin.
My secondary laptop got infected by it and I lost all data on it. But I never thought even for a brief moment of paying ransom.
Making it easier for people is basically like approving ransomware itself. Don't do that.

[orryde]

There's some very interesting prevention steps here:
https://community.spiceworks.com/topic/1505596-don-t-be-held-hostage-by-ransomware-how-to-stand-up-to-cryptowall
But like any other virus infection its all about damage control and acting on your disaster plan.
If you don't have backups in place, drop what your doing right now and go fix that terrible mistake!
Of course like Scream said, copying files to another spot on your disk drive is not going to do a single bit of good if you get hit.

[1Referee]

Those ransomwares are big threat for uᴉoɔʇᴉq reputation. And their developers are making it smarter and user friendly ! What a joke :/

My thoughts exactly. This bullshit need to stop now. Ransomware is the most problematic disease I came across since I am using uᴉoɔʇᴉq.
My secondary laptop got infected by it and I lost all data on it. But I never thought even for a brief moment of paying ransom.
Making it easier for people is basically like approving ransomware itself. Don't do that.

Would you mind to tell what you did to get your secondary laptop infected? I am holding Bitcoin since the very beginning of 2013 and so far I have never had problems with any kind of virus. I am quite sure that if you don't click on links and download certain things, then not much will happen.

Beside that, I have all my data backed up into an exact other HDD that gets updated each week. If my C drive gets infected for whatever reason I simply secure erase it and that's it. I'll copy the backup back into the erased drive, and all is fine again.