Ransomware

BlackShades Ransomware – Encrypts your Files and tease Security Researchers

Ransomware has been a mystery for researchers. More they dig into the malware program, harder they are trolled. Now, yet another Ransomware called BlackShades, is anguishing the researchers with nasty taunts.

BlackShades Ransomware is another malware which secretly takes control over users’ computers. The malware program is transmitted to the victim’s system through malicious webpages. Usually, it infects the system without letting the victim know about, i.e. via drive-by download means.

Other than this, it is also potent to transmit itself through external storage like USB flash drives. The Ransomware encrypts almost all sort of files, including user’s downloads, pictures, music, documents, desktop folders, etc.

Who has been the Target Victims?

The Ransomware program has primarily affected users from Russia and United States. Unlike others, BlackShades ask for little money. It is usually $30 and is paid via Bitcoin & PayPal.

Tactic used by BlackShades:

The Ransomware behaves like variants. It heads on to encrypt files once the user has been infected with it. It encrypts the files with an extension (In one case it was ‘.silent’). (This could be hacker’s call to silent the victims and researchers who have been trying to smash Ransomware attacks.)

What’s nasty about BlackShades?

Recently, a researcher named Lawrence Abram had posted about the Ransomware, “During different stages of the encryption process it will check again for the ability to connect to Google, and if possible, will connect to the Command & Control server and send an update that contains the count of files that have been encrypted.”

When the Ransomware notify users about encryption, it somewhere in between also put some nasty comments to tease the users and perhaps researchers. Its messages, which are mostly encoded with base64, contain hidden notes for researchers and are nothing less than teases.

Some of these messages have been decoded and reads as “YoxcnnotcrackthisAlgorithmynare>idiot<” and “youaresofartocrackme.”

Another string, when decoded read as “you cannot hack me, I am very hard.”

Avoid getting preyed by BlackShades:

As the saying goes- prevention is always better than cure, you should avoid getting into the trap of the Ransomware. You should keep a backup of all your data. This can serve as the armor against Ransomware. Even if the malware program attacks, you will always have your data safe and secure. You can safely keep your data on cloud storage with the help of Right Backup app.

Right Backup is a handy app to store, share and download any sort of data on cloud. The app offers some wonderful benefits to users. Find them here.

Ransomware attacks are getting stronger with each day. Lately, almost every week a new kind of Ransomware attack is seen. You should stay alter and do not visit any malicious website or download any attachment on email from an unknown user. Above all, you always keep a backup of all your data to remain on the safer side. Use Right Backup for this task. 

Leave a comment