As mentioned many times before, cryptovirological operators are unrelentingly working on developing new strains and improving the old ones. This is the reason why cyber malware hunters discover new ransomware strain nearly every day. In the latest batch of cryptovirological discovery, cybersecurity researchers have discovered a new strain based on the first open source ransomware Trojan HiddenTear. Because of this association, the operator of the strain is calling it HiddenBeer. The ransomware uses the Advanced Encryption Algorithm to set off instant encryption activity on the affected device, which makes it nearly impossible to commence ransomware removal activity in the midst. After the conclusion of the encryption, a ransom note appears on the desktop and the affected files get appended by the extension ‘beer’.
Unique ransom note title
It is important to mention here that the tile of the ransom note is different from what we are used to see. The title actually has two parts. The first part consists of the strings of words ‘Files’ and ‘Help’ in this order. The second part of the file is comprised of the affected device’s name. However, the unique title doesn’t mean the operators have used any complex file format for the note. Like most of them, HiddenBeer’s ransom note is also a text file.
As per the ransom note, the operators of HiddenBeer are asking for $100 in Bitcoin to provide the key for ransomware removal. Like many ransomware operators, HiddenBeer handlers don’t threaten the affected users with permanent loss of encrypted data, but they are also not providing free ransomware removal for a couple of encrypted files to prove their authenticity.
Whether or not the operators possess an authentic decrypter, it is always advised not to engage with them for ransomware removal. Maintain data backups and rely on professional expertise in case you become a victim of cryptovirological activity.
