A wave of ransomware called GlobeImposter 2.0 has been affecting the computers of innocent users of the internet. They are being threatened by extortionists to visit a Tor website so that they can pay the ransom amount for ransomware removal and to have their files decrypted.
While there is nothing unusual about this, researchers at Coverware found something quite different about these criminals. These particular victims were simply left in the lurch because the mastermind criminals have simply ghosted and left no details about ransomware removal.
The report even featured the conversation threads between the criminals and victims and the last message said it all – “Hello is anyone there?” This means that if the victims didn’t back up their files, they were completely screwed!
Past victims of GlobeImposter attacks have said that email addresses were provided to them and users of encrypted computers had received information for ransomware removal. The reason for these masterminds to ghost on their victims still seems unclear because the victims didn’t seem to get any help from the Tor website that was provided via the ransomware.
This is also why the Coverware report is urging people to back up their files if they haven’t already. There is a huge chance the ransomware attack may completely abandon you leaving you completely and utterly helpless.
Usual ransomware websites ask their victims to upload their contact information on the website while allowing users to send short messages. In both cases, the GobeImposter tests had failed while the support function of the site said that it wasn’t working. Even if you check the status of these emails, you will find that there is no indication that the support function is being monitored. All in all, the perpetrators have vanished.
Do not wait until it is too late and think about your back up regime right away!
