Know More About HAHAHA Ransomware
HAHAHA Ransomware is a file-encrypting virus which is based on the CryptoWire open-source ransomware project. The threat was published on the platform known as “Github.com” in the month of September 2016. Since the CryptoWire was developed by the con artists with the main purpose of releasing other noxious crypto-threats. Creation of this ransomware appears to be the work of a skill-less programmer who used the code of an open-source ransomware identified as “CryptoWire” in order to build a brand new file-encrypting malware. According to the malware researchers, HAHAHA Ransomware uses slightly modified codes and connects the affected machine to the C&C (Command and Control) servers onto the Open web.
The first appearance of this dangerous virus were reported in the first week of year 2017 by the PC users of United States and Western Europe. Besides, the distribution tactics used by the criminal hackers relies on spam emails which carry a macro-enabled document. The file attached on junk emails try to trick inexperience PC users into downloading the document which is equipped with malicious scripts. Once the file has been downloaded, it installs the HAHAHA Ransomware immediately onto the targeted machine.
HAHAHA Ransomware Equipped with Secure Encryption Algorithms
The name of this file-encrypting ransomware virus is based on the program window displayed on the user's computer screen after the encryption procedure is completed. The program window shown by this ransomware is titled as “HAHAHAHAHAHAHA =D”. It uses the combination of RSA and AES encryption algorithms in order to encode the files or data stored on affected system. To encipher your files, the HAHAHA Ransomware generates a unique 256-bit long key and encrypts the data stored on local disks, network shares and removable media. This ransomware is especially designed by the team of cyber offenders to encipher the files, such as audio, PDFs, presentations, video, images, eBooks, spreadsheets that are under 50 MB in size.
Most importantly, it doesn't add a weird file extension and the affected PC users may be able to recognize those files by noticing a generic white icon onto them. It displays a list of enciphered files, a ransom note and an invitation link for ransom payment by using an HTA application. Infected system users are suggested to pay 500 USD or 464 EUR within 72 hours by using the Bitcoin crypto-currency and send an email to “hugoran1@gmx.com” for requesting a correct decryption key. However, the cyber security analysts do not recommend you to pay the ransom fee, because the restoration of files is not guaranteed and the hacker may not send you a right decryption key. Hence, you should remove HAHAHA Ransomware by using reputable and trusted anti-malware tool and use backups for file recovery.
没有评论:
发表评论