Ransomware is a malicious software that infects a computer or restricts access to it until the victim pays a ransom. Ransomware can spread via malicious links, file attachments, and even bundled software, using files, network shares, or removable drives as infection vectors. There are also “fileless” versions of ransomware that don’t require any infection vector and use built-in Windows tools to directly encrypt the victim’s files.
QSCX Ransomware is another ransomware strain that is part of the prolific STOP/Djvu Ransomware and can successfully block you from accessing your files. This ransomware infects PCs and locks users’ files, including word documents, music, pictures, and videos folders, and then demands a ransom of $980 to decrypt the data.
The files that QSCX Ransomware encrypts receive the .qscx extension, and victims cannot access these files until the required decryption key or software is activated. A ransom note is also left on the computer’s desktop that is titled “_readme.txt”. The note instructs the victims to contact the hackers via the emails: helpmanager@airmail.cc or helpteam@mail.ch. Users must make payments of either $980 or $490 in bitcoin, depending on whether the contact is made within the first 72 hours after infection.
QSCX Ransomware bears a very strong resemblance to other malware strains within the Djvu/Stop Ransomware family in that it employs the RSA 2048 Military Force Coding System. Similar to other ransomware, the owners of QSCX Ransomware offer to decrypt one file for free to prove that they can actually unlock the victims’ files.
How Can I Prevent Infection with QSCX Ransomware?
The best ways to protect yourself from a ransomware infection are:
- Backing up your data, so if you ever get infected, you don’t lose your data;
- Running an anti-malware program and making sure it’s always up to date;
- Employing the use of a firewall; and
- Keeping Your Operating System up to date.
