Consider following on social media!

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

We’re not MatchBox 20 but we’re good enough!
Photo by Thibault Trillet, please support by following @pexel.com

Oh boy, if you’re a Matchbox 20 fan, you might not be too thrilled about this one. The cyber world has been going crazy with ransomware attacks, and it seems like every day there’s a new victim of some nasty malware that leaves them twerking for Jesus until the next payday.

With the addition of ransomware bearing the name of one the most popular songs from the beloved 2000s, which isn’t cool at all and has us realizing it’s 3 AM and that even we are feeling quite lonely.

We are going to look at what is this attack, who is using it, what are the effects upon release, and what are some ways you prevent yourself from being kept up until 3 AM.

Why does this god-awful thing keep going off at 3 in the morning!?
Photo by Miriam Alonso, please support by following @pexel.com

The Attack

If you have been gone for some time, then maybe it’s time to come back home and find out what strain of ransomware is on the market as of late. To quickly cover what ransomware is for those who might not know, ransomware is a type of malware that encrypts your data and threatens to expose it or delete it unless you pay a ransom.

This is on par with finding your boss in a nightclub when they called out sick that day and you video them to later use as leverage for a bigger paycheck. Blackmailing aside, this strain of ransomware is named “3 AM”, not for the reason you may think. It’s not set to go off at 3 in the morning to collect your information.

Its name derives from its file extension displayed as “.threeamtime”. This is added to all encrypted files changing them from “one.jpg” to “one.jpg.threeamtime”. In case 3 AM fails to influence its victim into making a payment it’s paired with LockBit, which is another ransomware that can spread across networks and lock down devices.

Guys, you are aware hackers don’t actually look like me right? Why are you profiling?
Photo by lil artsy, please support by following @pexel.com

Who Can It Be Now

No threat actors have been named for using 3 AM ransomware but according to cybersecurity experts, it is possible that multiple threat actors are using this malware for various purposes.

So, if you receive a message saying that your data has been encrypted and you need to access the dark web to negotiate a ransom and it’s your first time. Welcome to some hard truths which are don’t count on getting a real name, your ransom being a fixed price, or getting your data restored.

Also, enjoy your stay, despite it being the dark web where the most illegal activities like hacking, drug trafficking, and selling people’s information take place, the dark web may have candy. And who doesn’t like candy?

Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?

I am here to steal nothing, I promise.
Photo by Anna Shvets, please support by following @pexel.com

That Sinking Feeling

Speaking of candy, how would someone end up with a problem like this, you may be wondering. One of the various ways that ransomware can infect your computer is through phishing emails.

Posing as a legitimate source, such as a company or an organization, they could ask you to click on a link or download an attachment. For example, you may receive an email from Hacking-U-Made-Fun Inc. that says, “Please click on the link provided for you, and confirm the documents attached.”

However, when you click on the link or download the attachments, you are actually installing malware onto your computer. The malware then ventures off to encrypt all files (depending on its coding) and demands payment to restore them.

This is on par with someone breaking into your house, putting a lock on the fridge, and demanding you pay $5,000 in Bitcoin to take the lock off.

Cop: spread em!
Guy: Hey, you ever heard Scriptingthewhy?
Cop: No.
Guy: They’re pretty great, they talk about cybersecurity and stuff.
Cop: That’s great, you’re still going to jail. But I’ll grab the link from you at booking.
Photo by Kindel Media, please support by following @pexel.com

The Prevention

Wondering how to prevent this? The foolproof way is to never interact with it in the first place, but security is never 100% and if anyone is offering 100% security, you should run the other way.

There are steps that could be taken to minimize encountering 3 AM and LockBit. Some security practices are to be cautious when opening email attachments, especially from unknown or suspicious senders.

Updating your operating system and anti-virus/malware regularly will help you detect and remove 3 AM and other threats. Avoid downloading software from untrusted sources or using third-party installers because these may run the chance of bundling 3 AM and other malware. And trust when we say, you don’t want this a part of your album.

Subscribe now or the next time we meet, I’ll charge you more than just the food in your fridge.
Photo by Anna Shvets, please support by following @pexel.com

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Do you feel like there is something I may have missed on 3AM ransomware? Script a comment below.

Published by Zeroclay

Zeroclay, also known as Z-Daddy is the main scriptwriter for Scriptingthewhy. Being a cyber threat analyst with extensive knowledge of viruses, malware, and Trojans, he seeks to help us make cyber security and IT a more inclusive world for the common individual.

Leave a comment