Funny Ransomware

November 12, 2018 | Simeon Georgiev

Another day, another cyberthreat. Unsurprisingly, the usual suspect is the same, i.e., a ransomware strain. Security experts found a new piece of malware known as Funny Ransomware. It was discovered by Jakub Kroustek, who also traced its origins to the notorious Dharma Ransomware family.

After stealthily making its way onto a victim's computer, the ransomware creates malicious entries in the Windows Registry. The encryption process then begins: the user's sensitive files are encrypted and the .FUNNY extension is appended to each file name.

The ransomware's own file can be identified by its size, 95 KB. Likewise, the unique extension it adds can be used to confirm its presence.

The ransom note is contained in a file named FILES ENCRYPTED.txt. The note begins by stating that the victim's files are no longer accessible due to encryption. To communicate with the cybercriminals, an email [email protected] is provided. The ransom is demanded in bitcoins. A cheaper ransom is promised for quicker communication and payment. In exchange for the ransom, decryption software is promised.
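The two on-disk indicators described above (the .FUNNY extension and the FILES ENCRYPTED.txt note) can be used to scope which directories were hit. The following triage script is an added example, not code from the original article; the sample tree and its file names are constructed, and matching is case-insensitive as an assumption.

```python
import os
import tempfile
from collections import Counter

ENCRYPTED_SUFFIX = ".funny"        # extension named in the article
NOTE_NAME = "files encrypted.txt"  # ransom note name named in the article


def scan_tree(root):
    """Return (Counter of .FUNNY files per directory, sorted ransom note paths)."""
    encrypted_by_dir = Counter()
    note_paths = []
    # onerror swallows permission errors so one unreadable folder does not stop triage
    for dirpath, _dirnames, filenames in os.walk(root, onerror=lambda e: None):
        for name in filenames:
            lowered = name.lower()
            if lowered == NOTE_NAME:
                note_paths.append(os.path.join(dirpath, name))
            elif lowered.endswith(ENCRYPTED_SUFFIX):
                encrypted_by_dir[dirpath] += 1
    return encrypted_by_dir, sorted(note_paths)


def build_sample_tree(root):
    """Create a constructed sample tree (all file names are made up)."""
    docs = os.path.join(root, "Users", "alice", "Documents")
    pics = os.path.join(root, "Users", "alice", "Pictures")
    os.makedirs(docs)
    os.makedirs(pics)
    for path in (
        os.path.join(docs, "report.docx.FUNNY"),
        os.path.join(docs, "budget.xlsx.funny"),
        os.path.join(docs, "FILES ENCRYPTED.txt"),
        os.path.join(pics, "holiday.jpg"),    # untouched file
        os.path.join(pics, "funny_cat.png"),  # contains "funny" but is not a hit
    ):
        with open(path, "w") as fh:
            fh.write("constructed sample\n")
    return docs, pics


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        hits, notes = scan_tree(tmp)
        for directory, count in hits.most_common():
            print(f"{count:5d} encrypted file(s) in {directory}")
        for note in notes:
            print(f"ransom note: {note}")
```

Pointing `scan_tree` at a file share or user profile root gives a per-directory count that helps decide which backups need to be restored.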

To prove the authenticity of the ransom note, victims are invited to send the attackers a single file (not greater than 1MB) for a demonstration of decryption. Unfortunately, this file has to be a non-sensitive one, which means it cannot be a backup file, database, or an Office document.

Since most of the attacked users do not know their way around Bitcoin, the note also adds a link to the website of “LocalBitcoins”. The cybercriminals recommend that users register, purchase bitcoins and send them to the attackers. The complete instructions for these steps are provided via a separate website.

The note ends with a warning against any attempt at ransomware removal. Any contact with a business or law enforcement authority is also threatened with a higher ransom demand.

Simeon Georgiev
https://www.linkedin.com/in/simeon--georgiev/
I am a Cyber Security Enthusiast from Bulgaria. I like to write about malware and ransomware and global cyber attacks. You can reach me on Twitter @sgeorgiev1995 or Email: [email protected]