We came across with a new extension that carries Ransomware: .xz
It’s a compressed file similar to .zip and .rar and can be opened by 7zip
However our WinZip and WinRar versions were not able to open it.
This is how it looks like:
Ace compressed files were popular around 2000. They can still be opened my modern decompress software. Inside this file there is an executable file
ready to encrypt your files and ask for ransom. Don’t open it. Our software will safely move this email under ‘RansomSaver’ folder in ‘Deleted Items’.
New free application added: ShadowReport.
Automate collection of Shadow Copies info and receive a detailed report via email to your mailbox.
Enable Shadow Copy and add an extra layer of recovery against Ransomware.
New suspicious attachment ( .dzip ) found and removed by RansomSaver:
We are not sure if most users will be able to open it and get infected, but we believe it's better to be safe than sorry.
Two new types of Microsoft Office Ransomware found and removed.
If you try to save the attachments on your hard disk, Kaspersky blocks them as : Trojan Downloader Agent.