Do you know what Silentspring Ransomware is?
Silentspring Ransomware is a malicious ransomware infection that is still being developed by its creators. It means that it is not possible to get infected with this program in the wild, but you may get infected directly if you enter specific websites or if you have an unprotected remote desktop connection.
While it is not complicated to remove Silentspring Ransomware from the infected system, it might not be possible to restore the files affected by the program. Therefore, it is always very important to maintain a system backup, where you could keep copies of your most important files.
As mentioned Silentspring Ransomware is not a fully developed program, so it lacks certain aspects of ransomware behavior. The thing it really does is encrypting user’s files. To lock up the target files, this program uses the AES and the RSA encryption algorithms. In that sense, there is nothing surprising about it because that is the most frequently used encryption algorithms. It just shows that unless you have the decryption key, the chances of restoring your files are pretty slim. And this infection still does not offer you the chance to restore your files, so you are basically left on your own.
Now, as far as the distribution of this program is concerned, we have already pointed out that this program is not available out in the wild. So the infected systems must have been assaulted by the trial run. It is very likely that Silentspring Ransomware, for now, is spread directly, and that usually happens via unsafe Remote Desktop Connection protocol. If your computer is connected to some server, which has been compromised, the infection file could have reached you quite easily. Another thing is that you need to launch the installer file to load the infection, so the installer file may look like some legitimate document file. You might be tricked into opening it by the cyber criminals.
To avoid getting infected with ransomware, you should always scan the unfamiliar files you receive or the attached files you download via emails. Of course, most of them will look like legitimate PDF or DOC files, but it is very common for ransomware to trick users into installing malware on their computers by thinking they are opening some important document. So please consider scanning the new document files before opening them (especially if you do not know the sender well).
When the encryption takes place, the program scans your computer, and it mostly targets files in these directories: %WinDir%, %ProgramFiles%, and %ProgramFiles(x86)%. So it seems that the infection is clearly still a work-in-progress because instead of targeting personal files, it goes for system files. All the files that get affected by the encryption receive a new appendix that says .Sil3nt5pring. What’s more, with most of the system files encrypted, there is a chance that the computer will not be able to function properly. And it does not seem like Silentspring Ransomware cares about it because the infection does not leave anything behind.
There is no ransom note, no Internet traffic is recorded, and there is no Point of Execution created. So the people behind this infection do not try to steal anyone’s money (for now). Also, this application might be in the first steps of its development, and it could come back later on, fully equipped. So while it is not hard to remove Silentspring Ransomware at the moment, we might hear from this infection later on. And it will not be pretty.
As far as the encrypted files are concerned, you can transfer your personal files into a temporary storage drive, and then use the system restore to deal with the encrypted system files. Or you could simply format your hard drive and reinstall your Windows. It is up to you. The most important thing is that you should not panic. If you find it impossible to do it on your own, please consider referring to a professional technician.
When your system is clean again, be sure to protect it from various threats. Get yourself a powerful antispyware tool and stay away from unfamiliar websites that could be part of malware distribution networks. Other dangerous programs could spring out of nowhere, just like Silentspring Ransomware did.
How to Remove Silentspring Ransomware
- Locate the most recently launched file.
- Delete the file.
- Scan your system with a security tool.
In non-techie terms:
Silentspring Ransomware is not a full-fledged infection, but it can still cause quite a lot of harm. This program is a good example of what malicious infections are waiting for us in the future. It is not possible to restore the files affected by this infection because the criminals do not offer a decryption key in the first place. Hence, you need to remove the file that launched the infection and then protect your system from similar intruders in the future.