The Onion Ransomware Virus | Secure Cloud Backup Software | Nordic Backup

In the past few months, we have learned more and more about ransomware viruses. But just when you thought you had experienced it all with viruses like WannaCry, something new and dangerous is always on the horizon. The ransomware, known as Critoni or CTB-Locker, has been named “Onion” by researchers, as its creators use command and control servers hidden in the Tor Network (The Onion Router) to hide their malicious activity.

 


So what makes this “Onion” bring tears to your eyes? It’s similar to CryptoLocker, the ransomware virus that was first found locking up users’ systems in late 2017. Onion searches infected machines for a list of file types (.doc, .jpeg, .zip, just to name a few), compresses them and encrypts them. After that, it displays a window that tells users exactly what has been encrypted. Then comes a 72-hour deadline and the instructions on how the user can pay the ransom in Bitcoin.

Researchers claim that this virus is spread through the bot Andromeda. It runs the malicious program Jolee, which downloads Onion onto victims’ machines. Onion, like its predecessors CryptoLocker and Cryptowall, is just a new form of nasty Trojan that encrypts everything from users’ photos and documents to vital computer files like certificates, databases and any other type of file that stores digital signatures.

Manual removal of this ransomware virus is not easy, as it requires being familiar with system files and registries. Removing important data accidentally can lead to permanent system damage. You might be better off downloading a strong anti-malware tool that will scan your system for malware and clean it safely for you.
