Introducing Ransom32 – Ransomware with a nasty twist

By | January 4, 2016
Print pagePDF page

Introducing Ransom32 – Ransomware with a nasty twist

Step right up. Make money by locking other people’s computers. Sign up for the affiliate program and earn 75% of the ransoms you collect! Make thousands of dollars tricking people into installing Ransom32.

No, unfortunately, that’s not more of TC’s crazy imagination – it’s a fact. Ransom32 was discovered just days ago by the folks at Bleeping Computer, and confirmed and reverse engineered by our friends at Emsisoft.

Ransom32 is the first ransomware that uses Javascript to work its dirty deeds. And the people who invented it are distributing via an affiliate program where anyone who’s willing to stoop low enough can become and affiliate and make money by tricking you into installing it.

Emsisoft, as far as we know, is one of the few antimalware/antivirus programs that will detect and warn you before you install Ransom32.

What happens if you install it? Most all of your documents, pictures, music files, videos, and other personal files will be encrypted and locked, and the only way to open them again is to pay the ransom to and get a decryption code. It’s devious software. Ransom32 has several ways of remaining undetected while its busy locking your files.

Her is how it looks when your computer is locked.

In the example above, the ransom is about $35 USD or 0.1 Bitcoins (a virtual currency that’s all the rage right now). If you don’t pay the ransom quickly, the ransom increases to $350 (approximately 1 bitcoin).

Ransom32 was just recently spotted in the wild and confirmed by both Bleeping Computer and Emsisoft.

We’ve given you a simple, pain English overview of Ransom32. You should take time to read Emsisoft’s blog to learn more and find out how this nefarious new malware works and how to avoid becoming infected. We recommend that you create backups of your personal files, just in case. And install a good antivirus/antimalware like Emsisoft to warn you before you install it. Once you install it, there is no way to get rid of it other than by paying the ransom or doing a clean install of Window or using your computer’s factory recovery partition to restore you computer to its factory state.

Learn more about Ransom32 by reading this Emsisoft blog post. Remember, the more you learn about the threats you face and the computer you use every day, the more prepared you will be. The more prepared you are – the safer you are.

3 thoughts on “Introducing Ransom32 – Ransomware with a nasty twist

  1. Carol Ross

    Thankfully I have Emsisoft for my protection, but I am curious. Can something like Ramson32 also lock the files on an attached external hard drive?

    Reply
  2. Jack

    I have used Emsisoft for a year, and would like to renew my subscription. However, the ONLY payment method offered is PayPal. I do not use PayPal and will not. I would like to use my credit card, which according to the “hype” information before clicking on the Emsisoft link shows many types of credit cards. Why can I not pay with a credit card and NOT be required to go through PayPal which wants to know how many eggs I had for breakfast?

    Reply
  3. Barb

    Don’t know if this helps or not but I tried once to use my Credit card and it wouldn’t work, was told by Darcy to use Chrome instead of internet explorer. Worked just fine and I have been using Chrome ever since.

    Reply

Leave a Reply to Barb Cancel reply

Your email address will not be published. Required fields are marked *