Aleta, the latest variant of BTCWare, encrypts user files and gives them the extension [black.mirror@qq.com].aleta
After encryption, a ransom note named !#_READ_ME_#!.inf with payment information is left on the user's desktop, and [black.mirror@qq.com].aleta is appended to the encrypted files.
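A read-only triage check built from the two indicators named above, added here as an example and not NPAV's own code: it walks a directory tree, lists ransom notes and files carrying the Aleta suffix, and reports the earliest modification time among them as a rough estimate of when encryption began. The function names, the case-insensitive matching and the optional dot in front of the suffix are assumptions.

```python
import os
from collections import Counter
from datetime import datetime, timezone

# Indicators taken from the advisory text above.
ENCRYPTED_SUFFIX = "[black.mirror@qq.com].aleta"
RANSOM_NOTE = "!#_READ_ME_#!.inf"


def original_name(filename):
    """Return the pre-encryption name if the Aleta suffix is present, else None."""
    if not filename.lower().endswith(ENCRYPTED_SUFFIX):
        return None
    stem = filename[: -len(ENCRYPTED_SUFFIX)]
    # Assumption: the suffix may be joined to the original name with a dot.
    return stem[:-1] if stem.endswith(".") else stem


def scan(root):
    """Walk root and summarise Aleta indicators without modifying anything."""
    notes, encrypted, per_dir, earliest = [], [], Counter(), None
    for dirpath, _dirs, files in os.walk(root, onerror=lambda err: None):
        for name in files:
            path = os.path.join(dirpath, name)
            if name.lower() == RANSOM_NOTE.lower():
                notes.append(path)
            elif original_name(name) is not None:
                encrypted.append(path)
                per_dir[dirpath] += 1
                try:
                    mtime = os.stat(path).st_mtime
                except OSError:
                    continue  # unreadable or vanished; still counted above
                earliest = mtime if earliest is None else min(earliest, mtime)
    first = (datetime.fromtimestamp(earliest, tz=timezone.utc).isoformat()
             if earliest is not None else None)
    return {"ransom_notes": notes, "encrypted_files": encrypted,
            "by_directory": dict(per_dir), "earliest_encrypted_mtime_utc": first}


if __name__ == "__main__":
    import sys
    report = scan(sys.argv[1] if len(sys.argv) > 1 else ".")
    print(f"ransom notes: {len(report['ransom_notes'])}, "
          f"encrypted files: {len(report['encrypted_files'])}, "
          f"earliest mtime (UTC): {report['earliest_encrypted_mtime_utc']}")
    # Directories with the most encrypted files first.
    for d, n in sorted(report["by_directory"].items(), key=lambda kv: -kv[1]):
        print(f"{n:6d}  {d}")
```

Run it against a user profile or a file share path; the per-directory counts show which locations need restoring from backup.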
Infection generally occurs via a Trojan horse or spam email. All users are requested to follow the guidelines below:
- Install NPAV and keep it up to date.
- Make sure NPAV data backup is ON.
- Never use weak passwords on your accounts, especially on remote system access software.
- Do not click on unknown links while browsing the web and do not open emails sent by unknown people.
Keep in mind that even the strongest anti-malware programs become useless if you use weak admin passwords. In such a case, crooks can brute-force these passwords in a day and then fully control the target computer remotely.
Happy Independence Day