When you’ve paid up, but there’s nothing to unlock.
By John Leyden
Lazy but sneaky cybercrooks are slinging a new ransomware variant that falsely claims to have encrypted files when in reality it has deleted them.
Ranscam tricks victims by falsely claiming that files have been moved onto an hidden, encrypted partition.
In reality the malware has deleted files and comprehensively messed with system settings (removing executables associated with System Restores, deleting shadow copies, hobbling Safe Mode etc.) such that it is difficult or impossible to recover from an infection.
To read the entire article, please click here.