HOT LINE 1654

Alerts

"SAGE 2.0” new malware detected

26 Jan 2017

A new ransomware called SAGE 2.0 targeting email users, has been detected. This threat is considered one type of malware called CryLocker. This malicious program was sent to the email users in the form of “EMAIL_ [random_numbers] _recipient.zip”. No titles are typed in the subject line and the message enters the user's spam box.

The SPAM "email" message appears as follows:

Thus, there are Word documents and JS files inside the Zip format file. These files containing malicious scripts if the file is downloaded to the computer, it will encrypt all files on the computer and the files will be converted to .sage extension.

Then, the user accepts such a note that all types of files (audio, video, database, pictures) have been encrypted and returning them without their help is impossible. At the same time, it has been shared the links to pay some amount fro decryption of the files. As it is not guaranteed the decryption of the files after payment of the required amount, not advisable to agree this requirement. Still impossible to find techniques decrypting files, it is advisable not to open and download attachments coming from unknown sources or users.  At the same time, we encourage the users to get back up copy of the important files in the computer and save it in the another device.