
Hackerman Ransomware

Posted: November 15, 2016

Threat Metric

Threat Level: 10/10
Infected PCs: 47
First Seen: November 15, 2016
OS(es) Affected: Windows

The Hackerman Ransomware is a re-release of Hidden Tear, a file-encrypting Trojan that unrelated threat actors may use for collecting extortion money. Well-maintained backups can negate attacks by the Hackerman Ransomware and all other Hidden Tear variants, and paying the ransom that the Hackerman Ransomware asks for is not a recovery solution that malware experts recommend. To prevent such damage in the first place, use anti-malware protection that can block and delete the Hackerman Ransomware as it is introduced to your system.

The Cost of Giving the 'Hackerman' Full Access to Your Files

Trojan development is full of pitfalls, both legal and technical. While sources of preexisting threat code like the Crysis Ransomware, the Globe Ransomware and Hidden Tear reduce much of the work, threat actors still have room to make new errors. One example is the Hackerman Ransomware, a Hidden Tear variant that malware experts found experiencing significant stability problems.

The Hackerman Ransomware campaign deploys extortion messages targeting Spanish-speaking nations, most likely including populous South American countries such as Brazil in addition to, of course, Spain. Apart from this change of language from most file-encrypting Trojans, the Hackerman Ransomware keeps to the established expectations of a Hidden Tear Trojan's capabilities, including encrypting your files by force.

Malware experts also saw numerous cases of Hackerman Ransomware samples self-terminating abruptly. When it does not crash, the Hackerman Ransomware's primary function encrypts media, such as documents, within commonly-used folders like the Windows downloads directory. The Hackerman Ransomware marks the encrypted and blocked content by adding the same '.locked' extension that the iRansom Ransomware, the Shark Ransomware, and others also use.

Finally, it creates a ransom message on your desktop (the file 'Leeme Por Favor.txt') stating its price for decrypting your files.
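A read-only triage script for the two artifacts named above, the '.locked' extension and the 'Leeme Por Favor.txt' note, follows; it is an added example and not part of the original article. The function names and verdict labels are hypothetical, and it assumes the extension is appended to the original file name.

```python
import os
import sys
from collections import Counter
from pathlib import Path

LOCKED_EXT = ".locked"             # extension named in the article
NOTE_NAME = "leeme por favor.txt"  # ransom note named in the article (matched case-insensitively)


def triage(root):
    """Walk root read-only; tally '.locked' files per directory and collect ransom notes."""
    locked_by_dir, original_types, notes = Counter(), Counter(), []
    for dirpath, _dirs, files in os.walk(root, onerror=lambda err: None):
        for name in files:
            lower = name.lower()
            if lower == NOTE_NAME:
                notes.append(os.path.join(dirpath, name))
            elif lower.endswith(LOCKED_EXT):
                locked_by_dir[dirpath] += 1
                # Assumption: the extension is appended ("report.docx.locked"),
                # so the suffix underneath shows which file types were hit.
                inner = Path(name[: -len(LOCKED_EXT)]).suffix.lower()
                original_types[inner or "(none)"] += 1
    return {"locked_by_dir": locked_by_dir, "original_types": original_types, "notes": notes}


def verdict(result):
    """Hypothetical labels; the extension alone cannot identify the family."""
    locked = sum(result["locked_by_dir"].values())
    if locked and result["notes"]:
        return "note-and-locked-files"  # both artifacts described in the article
    if locked:
        return "locked-files-only"      # another '.locked' family, or a run that stopped early
    if result["notes"]:
        return "note-only"              # note present, no encrypted files under root
    return "clean"


if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else str(Path.home())
    result = triage(root)
    print("verdict:", verdict(result))
    for directory, count in result["locked_by_dir"].most_common(10):
        print(f"{count:6d}  {directory}")
    for ext, count in result["original_types"].most_common():
        print(f"  {ext}: {count}")
    for note in result["notes"]:
        print("ransom note:", note)
```

The per-directory counts show how far encryption got before the sample stopped, which helps decide what to restore from backup first.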

Hacking Your Way out of Another Ransom Scheme

This threat's stability problems could help its victims by closing the Hackerman Ransomware before it can finish enciphering your local data. Since research into decrypting new versions of Hidden Tear is a public investigation with no fee for access to the decryptors, PC owners without backups should consider trying them before paying a con artist's ransom. Slightly under half of all large brands of anti-malware programs also have positive detection rates against the latest samples of the Hackerman Ransomware and may block this threat initially.

Members of a given family of file-encrypting Trojans are not necessarily equally vulnerable to decryption by free solutions. If you have saved files that you can't afford to lose, consider backing them up to password-protected servers or other locations, such as USB drives, that malware experts have previously rated as safe against most attacks. Apart from the fate of your private content, because this family affects essential Windows components, removing the Hackerman Ransomware responsibly should always involve your anti-malware products.

For Spanish speakers, the Hackerman Ransomware is, possibly, a welcome break from the more sophisticated banking Trojans that are most often seen targeting Spanish-speaking regions. However, its simplicity doesn't hamper the Hackerman Ransomware's ability to do damage that may be impossible to reverse in full.
