Every other day, a team of cyber malware hunters discovered a new ransomware strain. One of the recent cryptovirological detection goes with the name Pico ransomware. The preliminary investigation couldn’t identify the ransomware family to which this strain belongs. Therefore, security researchers are unable to tell the encryption algorithm used by the operators for locking down the files on targeted devices and for now no ransomware removal measure has been devised by the security experts.
Pico ransomware might use malicious web scripts
Security experts are still trying to figure out the mechanism of delivery used by the operators. However, the stealth activity of Pico ransomware suggests that the operators are probably using malicious web pages to deliver the payload. It is important to mention that the majority of ransomware operators use email attachments to deliver the executable files of the strain to the targeted device. Nevertheless, malicious and unsecure web pages are also used to infiltrate the device with ransomware script.
Pico ransomware quietly starts its encryption activity on the targeted device. It encrypts nearly every file format stored on the device. As soon as the encryption of stored files on the targeted device is completed, a text file appears on the desktop that contains ransom note. According to the text file, the operators demand $100 dollars in Ethereum and Bitcoin to provide the decryption key for ransomware removal.
Cryptocurrency has become a staple ransom payment method in the instances of cryptovirological attacks. Ransomware operators prefer to take extortion money in cryptocurrency because of the anonymous and untraceable nature of its transactions. The operators of Pico cryptovirological strain also warn the victims to not get tired out in third-party ransomware removal services because there is no other way to get back the encrypted files except the decryption tool provided by the attackers.