“Satana” Will Completely Disable Your PC

The latest ransomware, Satana, will completely disable your computer after a successful attack…

Ransomware seems to be taking this world by storm.  In order to avoid detection from your security software, ransomware strains have to continuously evolve and morph.

The latest version of ransomware is called Satana.  Satana will not only encrypt your files, but also attack your master boot record (MBR).  For those of you who are unaware of what the MBR is, or what it does, I will do my best to explain this.  First, the MBR is a major piece of your PC’s functionality.  If it is disabled, your operating system cannot function.  If your operating system cannot work, neither can your PC.

PC World reported Satana works by infecting your PC, encrypting files, attacking the MBR and replacing a code in the MBR with their ransom demand.  When the user tries to reboot their PC, they will only see the ransom note demanding .5 bitcoins or $340.

To make things more difficult, the user will need to submit the payment through another computer, as their infected one will be utterly useless, even to pay the ransom.

(Visited 53 times, 1 visits today)

25 thoughts on ““Satana” Will Completely Disable Your PC

  1. @Kayla Thrailkill: I STRONGLY disagree with your answer to Alan C. Buckley’s question on whether he needed any other antivirus software in addition to PCMatic. Only a fool would rely on only one security software program, for no one single program can stop every single virus or malware that’s out there.

    I have PCMatic SuperShield on my laptop, along with AVG Internet Security, Malwarebytes Anti-Malware, Malwarebytes Anti-Exploit, Microsoft Security Essentials, IObit Malware Fighter and Glary Utilities Malware Hunter. While that might come across to you as overkill, it’s far better to have multiple defense systems than only one.

  2. Why not develop anti-virus viruses, etc that kill the computer sending the virus, ransomer, keystroker etc etc..too easy…? or would it eliminate all the anti-this and that $$$…?

    • We had the same thought James, which is why we developed Tech Sentry Authentication. It implements a strike-back technology. When IT administrators suspect suspicious activity the authentication is denied and IT administrators have the option to lock down the suspected device. For the first time ever, we’ve provided IT administrators with a weapon to fight back against the anonymous hacking world of cybercrime. You can learn more about Tech Sentry Authentication here: https://www.techsentry.com/prod-authentication.asp

  3. One major thing users can do that will stop a majority of these ransomware programs from installing is to not run with Admin privileges. For your everyday use, run under an account with non-Admin privileges.

    • Our SuperShield protection is the best product available for preventative detection against ransomware. However, you also must think before you click! I would recommend you take advantage of the free KnowBe4 cyber security training, offered to all PC Matic subscribers, if you haven’t done so already!

  4. It’s nice that you tell us about these ransom ware situations, but you offer no real way to catch them before they can do anything. These ransom ware programs get around anything protecting you pc.

    • Donald-
      Thank you for your feedback. In a majority of our posts we encourage users to start using a whitelisting technology to help in protecting their PCs, as well as encourage cyber security training. To a certain extent, you are right, ransomware could bypass your security software; however having a whitelisting program will help deter the malware from being able to run on your PC. We encourage the use of PC Matic for home users, and PC Matic Pro for enterprise use. Both of these products use PC Pitstop’s proprietary whitelisting technology.

      Unfortunately, we have also received feedback that our posts are becoming too sales-pitchy, so I have tried to limit the number of times we reference our products as a solution.

  5. These are good articles but they would be great articles if you would explain how your customers receive these programs and infect their computers with it. Does it come in the form of an email? What does the email look like? What does it say? What action does the customer actually have to take to infect their computer? I don’t understand why you would write these articles and leave that critical information out for those people who are not quite literate with this threat….

  6. I haven’t worked on PCs for a while but I seem to recall that it is a fairly easy process to replace a MBR. Admittedly it won’t recover any encrypted data but it would get the computer back up & running

  7. I reported early ransomeware to the police. They were not interested. I got rid of it myself.
    What is the difference between stealing $350 on the street or with a computer?

    • While you are absolutely right that there is no difference between the two, our police organizations including every other federal law enforcement have no jurisdiction in foreign countries where most are coming from. The only thing this country can do is to appeal to those countries to prosecute.

    • I got it I just tossed the hard drive and downloaded my backup from my server I lost nothing but a 30 dollar hard drive and was up in 45 min but ya the cops don’t care we need a strong cyber division for pd

  8. Supershield?
    watching for red or green icons in the corner of the screen?
    What BS is this?
    There are some monitoring programs available that are always enabled & look for the characteristics of Ransomware behaviour. Watching for MBR changes should not be any different.
    I acknowledge that such programs are far from perfect & will need continuous development just as does the Ransomware.

    • No. As long as you are running PC Matic with SuperShield, you are good to go. You will be able to see if SuperShield is on by the color of the shield icon in your task bar located in the bottom right corner of you screen, by the time. If the shield is green you’re all set. If it’s red, you need to enable SuperShield.

Leave a Reply

Your email address will not be published. Required fields are marked *