A mysterious ransomware has been lurking in the security space known as Pedcont Ransomware. So what is Pedcont and how is it different from the existing ransomware viruses?
What is Pedcont Ransomware?
Malware experts found Pedcont during a case of ransomware removal. It silently enters into a computer system and takes control of it. It then proceeds to announce its arrival through a message. The message contains text that all the data has been transferred to a remote location from the hard disk. The data can only be recovered by paying a ransom in the form of Bitcoin equivalent to $50.
After paying the ransom, the data will be removed from the remote location. The message further continues with the threat that in case of non-compliance within three days; the data will be passed over to third parties. Users who have any shady data are blackmailed over turning their data to security agencies.
How is it Different?
Other ransomwares lock and encrypt files using cryptographic algorithms like Advanced Encryption Standard. The password required to decrypt these files and remove ransomware is sent to remote location of the attackers who ask for ransom ranging between $200 to $2000 and sometimes even more depending upon the type of data that have gained access to.
Pedcont Ransomware has displayed different characteristics in comparison to traditional ransomwares. This ransomware is distinct because it gives you a black screen, rendering you unable to use your computer. Moreover, it demands lesser money.
How Does It Hunt?
According to ransomware removal experts, Pedcont Ransomware can enter in your computer through a variety of openings.
- Users are often targeted with spam emails that they download with email attachments. These mails can contain text documents like Powerpoint or Javascript scripts that consist of Pedcont.
- File sharing in Peer to Peer networks where Pedcont developers infiltrate the files in the network with their ransomware. Torrent is usually used mostly in this case due to its wide usage.
