Home > Cyber News > Most Ludicrous Ransomware
CYBER NEWS

Most Ludicrous Ransomware

are_you_kidding_me

Ransomware is today’s most hated computer virus. However, the destructiveness of each ransomware depends on its roots. Is it part of an active, highly successful ransomware family periodically releasing new versions? Or is it one of those oddly “shaped” viruses that could make you laugh (if it weren’t for the file encryption)?

We have been observing various ransomware viruses, and we can definitely say that some of them appear more… professional than others. The list you are about to encounter has gathered some of the less adept ransomware cases. How are they different than Locky and Cerber? It appears that these pieces were all “coined” by non-professional cyber criminals via the ransomware-as-a-service model. Just a look at their ransom notes is enough for you to determine the level of greatness of their creators.

Let’s not forget that malware-as-a-service has helped many willing souls turn to the Dark Side… or, in this case, to the Dark Web.

Without further ado, here are some of the funnier ransomware cases we have come across during our daily malware researches.


Hollycrypt Ransomware Demands Vodka

Hollycrypt is yet another cryptovirus based on the HiddenTear open source project. Each encrypted file will have the extension .Hollycrypt appended to it. It uses the AES encryption algorithm and demands Bitcoins or Vodka as payment:

stf-hollycrypt-ransomware-holly-crypt-hollyman37-virus-vodka-ransom-note-read-this-shit-message

FYI: HiddenTear and EDA2 are widely accepted as the first open-source ransomware coded for educational purposes. This idea quickly turned out to be fishy, as it didn’t take long for cyber criminals to exploit the code for malicious operations.

This is the Hitler-Ransonware!

Some ransomware were obviously coined by a) non-professional cyber crooks and b) non-English speakers with English as bad as the language skills of a Russian F-grader. The ransomware was still in development when it was uncovered by security researchers at AVG. Nonetheless, the ransomware was still able to encrypt and even delete the compromised files. It could also cause a BSOD and lock the screen displaying an 1-hour deadline for the ransom to be paid. Most interestingly, the virus aimed to get users to purchase a Vodafone card for 25 Euros and add its code in a text box. And it also
displayed some quite poor English! Even ransomware is misspelled, as evident by the ransom note:

bsod-sensorstechforum-hitler-ransomware (2)


Decryptor Files Are Available at the Post Office!

A variant of the Troldesh/Shade ransomware family, dubbed Drugvokrug727 was spotted recently. The wallpaper placed on a compromised computer features a digital sketch of the main character from the movie “The Big Lebowski” – the Dude.

STF-Drugvokrug727@india-com-ransomware-crypto-virus-the-dude-the-big-lebowski-desktop-screen-wallpaper

It may be a coincidence but this ransomware could really be called a “dude” as it didn’t specify a payment for its decryption key, and it also didn’t urge victims with a payment timeframe. Plus, Drugvokrug727 has already been decrypted by researchers!


Smash! Ransomware Wants to Stab Your Files

The ransomware wants to be something it really isn’t – a deadly crypto virus that successfully encrypts files and is persistent to decryption. Instead, Smash! Ransomware is only capable of blocking access to various Windows processes and apps. Even though the ransom note screams violence and aggression, all it really turns out to be is… much ado about nothing.

A vivid example of a poorly drawn ransomware:

smash-ransomware-mushroom-danger-omg-sensorstechforum


This Ransomware Is the Grandpa You Wish You Never Had!

DedCryptor appends the .ded file extension to encrypted files. If you didn’t know, ded means grandpa in Russian. Once the victim’s files are encrypted, DedCryptor would change the wallpaper with a message that features a vulgar and demonized photo of Santa Claus, making it all seem like a joke. Apparently, DEDCryptor is no joke as it demands 2 Bitcoin which amounts to 700 USD.

dedcryptor-stforum

Researchers believe that the ransomware may be a variant of the EDA2 open-source ransomware, suggesting the virus could have been posted for sale on deep web markets, thus generating more profit for the master minds of the operation.


Joke or No Joke, You Should Be Protected against All Ransomware

Plenty of people across the Internet have been victimized by ransomware.

A ransomware or any other malware attack should have an educational purpose, if nothing else. A successful attack should increase the user’s paranoia and should also make them a tad more careful with online activities of all types. The importance of regular data backups and appropriate data hygiene is bigger than ever. There is no joke here.

If you’re reading these lines because you were attacked by any of the above-mentioned ransomware viruses, have a look at the steps provided below. And remember the phrase:

“Fool me once, shame on you, fool me twice, shame on me!”

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree