We all are well aware of the business models through which cryptovirological attackers operate. They encrypt the data on the targeted computers and then ask the victims to pay in Cryptocurrency (mostly Bitcoins) to get the decryption key for ransomware removal. This is the reason why ransomware is also known as cryptolocker and cryptomalware.
However, a recent ransomware strain discovered by an independent security researcher is slightly different from the rest. This cryptovirological strain is acting like any other ransomware. However, the ransom note that appears at the end of the encryption demands zero Bitcoins for ransomware removal.
Is it a prank?
It has happened that pranksters would use screen locking scripts masquerading as ransomware to mess around. However, the preliminary investigations suggest that this is not the case with the activity of SymmyWare ransomware. Even though its operators are actually demanding nothing in the note, but the strain really encrypts the files stored on the targeted device. The encrypted files are affixed with the additional extension of ‘SymmyWare’ and ransom note in a text file format appears in every folder.
The motives are yet unknown
The ransom note doesn’t give away anything regarding the intentions of the attackers. In the note, they have categorically warned the users from trying ransomware removal on their own because it can lead to the permanent corruption of files.
What to do?
It has always been advised by the digital security experts and law enforcement agencies that never engage with the attackers for ransomware removal. Cybercriminals are not guided by any morality and can inflict more damage to your system by sending malware in place of decrypter. So, if you have become a victim of SymmyWare strain, get in touch with ransomware removal experts to get back your encrypted data instead of getting exploited by the attackers.
