Striked Ransomware

What is Struck?

Struck is a ransomware-type virus that was discovered by a security researcher, Michael Gillespie. It infiltrates systems invisibly and encrypts a variety of data before disappearing. The names of encrypted files with the “’s ID” extension were struck out during the encryption process.

Example: The file “sample.jpg” is renamed to “’s ID” instead of “sample.jpg”. Upon completion of the encryption process, Struck modifies the desktop wallpaper to add a picture depicting a ransom demand message.

The message informs victims that their files have been encrypted and advises them to contact Striked’s developers to have them restored. It is currently unknown which sort of cryptography (symmetric or asymmetric) is being employed by Striked at the time of this writing. In any event, decryption is impossible in the absence of a unique key.

These keys are kept on a distant server by cybercriminals, who then contact victims and demand that they pay a ransom to retrieve them. However, although the price has not been confirmed, cyber crooks typically want between $500 and $1,500 in Bitcoins. Regardless of their demands, never put your trust in them or pay any ransom – they frequently overlook victims after they have paid their ransom.

Paying will not result in any positive outcome, and you will be taken advantage of. In addition, you will be assisting cybercriminals in their nefarious endeavors. Unfortunately, there are no solutions available for restoring files that have been encrypted by the Struck ransomware, and the only way to restore your files and system is to restore them from a backup.

A screenshot of a message urging users to pay a ransom to decrypt their infected data is shown below:

Instructions for decryption using a strikethrough

There are dozens of ransomware-type viruses that are comparable to Striked, including Oxar, Nemucod, and LockCrypt, all of which have similar characteristics to Striked.

These are only a few instances from a large number of possibilities. These malware infections, like Striked, encrypt files and then demand a ransom in exchange for the decryption key. The only significant distinctions are the size of the ransom demanded and the type of encryption algorithm employed. Keep in mind that the majority of ransomware employs cryptography to generate one-of-a-kind decryption keys. As a result, recovering files by hand is very difficult in most cases.

What was the method through which ransomware infected my computer?

Cyber thieves typically spread ransomware through the use of unofficial software download sources (such as freeware download websites, free file hosting websites, torrents, and so on), infectious spam email attachments, Trojans, and bogus software updates, among other methods. Malicious executables are frequently presented as legitimate software by third-party download sources.

Malicious attachments are frequently Microsoft Office documents (with macros) or JavaScript files that are meant to download and install malware on the target computer. Fake software updaters are used to infect a system by exploiting obsolete software bugs/flaws that have not been addressed.

How can you protect yourself from being infected with ransomware?

When visiting the Internet, exercise extreme caution to avoid becoming a victim of ransomware. You should never open attachments from questionable emails or install software from unauthorized sources. Furthermore, make sure that all of your installed applications are up to date, and that you are running legitimate anti-virus and anti-spyware software.

Keep in mind, though, that thieves spread malware by using bogus updaters to trick users into installing them. As a result, using third-party programs to update installed software might result in extremely dangerous computer infections. The most important aspect of computer security is prudence.

15th of July, 2017 – This is an update. In response to this ransomware, security researcher Michael Gillespie has made a free decryptor available to the public. You can get it by clicking HERE.