ClamWin Free Antivirus
Support and Discussion Forums
Black Ruby Ransomware
GuitarBob


Joined: 09 Jul 2006
Posts: 9
Location: USA
A new ransomware was discovered this week. It is called Black Ruby. It will not activate on computers that are based in Iran. At this time, there is no known method to decrypt files that it has encrypted. I have prepared a ClamAV signature for it below. Copy the signature, paste it to an empty Notebook or text file. Save the file as sigfile.mdb in the C:\ProgramData\.clamwin\db folder (or add it to an existing .mdb file if you have one).

439808:86732dcb6049a20db9f7a56d9136bd14:Win.Trojan.Ransom-021018.0402

Always make regular backups of your important documents and photos and keep them somewhere besides on your computer. Scan all files with an updated ClamWin and the Virus Total web site before you execute/run them. Also hover your mouse over all web links and see if the description matches the written one. I recommend that you do not click on links that end in .php--it is an automated script that you are probably better off without running/executing.

Regards,
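What a .mdb line like the one in the post above is compared against, as an added example (not part of the original post and not ClamWin's or ClamAV's own code): ClamAV's .mdb layout is PESectionSize:PESectionHash:MalwareName, so the hash is matched against a PE section, not the whole file. It assumes the MD5 covers each section's raw on-disk data; the function names and the constructed sample image are hypothetical.

```python
import hashlib
import re
import struct

# ClamAV .mdb line layout: PESectionSize:PESectionHash(MD5):MalwareName
MDB_LINE = re.compile(r"^(\d+):([0-9a-fA-F]{32}):([\w.\-]+)$")

def parse_mdb_line(line):
    """Return (size, md5_hex, name) or raise ValueError on a malformed line."""
    m = MDB_LINE.match(line.strip())
    if not m:
        raise ValueError("not a size:md5:name signature: %r" % line)
    return int(m.group(1)), m.group(2).lower(), m.group(3)

def pe_section_hashes(data):
    """Yield (raw_size, md5_hex) per section (assumption: hash of raw section data)."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    n_sections, = struct.unpack_from("<H", data, pe_off + 6)
    opt_size, = struct.unpack_from("<H", data, pe_off + 20)
    table = pe_off + 24 + opt_size            # section table follows optional header
    for i in range(n_sections):
        raw_size, raw_ptr = struct.unpack_from("<II", data, table + 40 * i + 16)
        raw = data[raw_ptr:raw_ptr + raw_size]
        if raw_size and len(raw) == raw_size:  # skip empty or truncated sections
            yield raw_size, hashlib.md5(raw).hexdigest()

def matches(sig_line, data):
    """True if any section of the PE image matches the .mdb signature line."""
    size, md5_hex, _ = parse_mdb_line(sig_line)
    return (size, md5_hex) in set(pe_section_hashes(data))

def build_sample_pe(section_bytes):
    """Constructed, non-executable test image: headers plus one raw section."""
    hdr = bytearray(0x200)
    hdr[0:2] = b"MZ"
    struct.pack_into("<I", hdr, 0x3C, 0x40)        # e_lfanew -> PE header
    hdr[0x40:0x44] = b"PE\0\0"
    struct.pack_into("<H", hdr, 0x40 + 6, 1)       # NumberOfSections
    struct.pack_into("<H", hdr, 0x40 + 20, 0)      # SizeOfOptionalHeader
    table = 0x40 + 24
    hdr[table:table + 8] = b".text\0\0\0"
    struct.pack_into("<II", hdr, table + 16, len(section_bytes), 0x200)
    return bytes(hdr) + section_bytes
```

Running `parse_mdb_line` on a line before saving it to the db folder catches a signature pasted in the wrong field order or with a truncated hash.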
Lipper


Joined: 31 Oct 2010
Posts: 0
Location: USA
Many thanks for your efforts, Bob. I've added the signature. :)
GuitarBob


Joined: 09 Jul 2006
Posts: 9
Location: USA
I don't usually do a signature unless Clam doesn't detect the malware, and it is egregious. In this case there is no decryption available for the ransomed files, the malware may be sponsored by the Iranian state, and it also adds a miner to the infected machine (who knows what else--now/later).


Regards,
lj962500


Joined: 29 Jan 2019
Posts: 0
Location: United States
The information I have found about Black Ruby ransomware is very useful. The virus is dangerous for your system. In case you're confronting this issue with your system then immediately repair your system and also perform a complete scan of your system. For detailed information about Black Ruby ransomware, you can search https://www.facebook.com Facebook. There you will find a lot of information about the virus and how to fix it.
GuitarBob


Joined: 09 Jul 2006
Posts: 9
Location: USA
Hello Lipper. Nice to see you again.

Regards,



That is a strange link above--I wouldn't mess with it. Note that this is a new user, and there is no real name.

Always paint a web link and then check it on Virus Total (at least) before you click on it.

Regards,
BLACK RUBY RANSOMWARE
serena034


Joined: 26 Sep 2019
Posts: 0
Location: bolivia
A new malicious malware was discovered some days ago. This name is Black Ruby ransomware. It actually likes spyware trojan like other malware. But it is not computer-based, Iran based. On the other hand, discovered a new bubblews malware which cannot enter any website. So if you keep safe to your PC then change your password regularly & keep documents backup that way all are stored just on your PC's database, not any other. I have got lots of knowledge on this topic from Facebook URL. I hope this will help to all. :lol: