![]() The Yoqs ransomware encrypts files using a strong encryption algorithm and a key (‘offline key’ or ‘online key’, as described above). If the virus could not establish a connection with its command server, then it uses a fixed key (the so-called ‘offline key’). If the connection has been established, then it sends information about the infected computer to the server, and in response receives the encryption key (the so-called ‘online key’) and additional commands and malware that must be executed on the victim’s computer. The virus collects information about the victim’s computer and then tries to establish a connection with its command server (C&C). Upon execution, Yoqs creates a folder in the Windows system directory where it places a copy of itself and changes some Windows settings so that it starts up every time the computer is restarted or turned on. It is spread by websites offering to download freeware, key generators, activators, cracked games, torrents and so on. Yoqs ransomware is new version of STOP (Djvu) ransomware. ![]() ![]() Screenshot of files encrypted by Yoqs virus (‘.yoqs’ file extension) QUICK LINKS ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |