
HugeMe Ransomware

Posted: February 15, 2017

Threat Metric

Threat Level: 8/10
Infected PCs: 19
First Seen: February 15, 2017
Last Seen: March 6, 2020
OS(es) Affected: Windows

The HugeMe Ransomware is a threat that uses EDA2's encryption feature to lock your files and then demand a ransom. Although the HugeMe Ransomware excludes the operating system and most applications from its attack, data such as images or documents may be locked with no further recourse. Restoring your files from an uncompromised backup is the cleanest remedy for the damage this threat causes, although competent anti-malware products also should identify and terminate the HugeMe Ransomware immediately.

A Not-Quite Huge Update for Old Trojan Projects

Although the EDA2 family is relatively nondescript next to competitors like the Crysis Ransomware and the Globe Ransomware, some people choose to use its code for new campaigns, even two months into 2017. Despite EDA2 being semi-famous for how quickly the anti-malware industry broke its encryption, victims not aware of these developments may fool themselves into paying the ransoms of related Trojans. The HugeMe Ransomware enforces its ransom by first locking your files through encryption, which is an insurmountable barrier to anyone without the means to decrypt them.

The HugeMe Ransomware locks all files of the formats in its target list as long as they don't reside in the Windows or Program directories. Nearly five hundred kinds of data are attacked, including documents, compressed archives, audio, movies, pictures, spreadsheets, slideshow presentations, and other, miscellaneous data types. Malware experts also warn that the HugeMe Ransomware still includes the EDA2's feature for erasing the Shadow Copy backups, which a victim could use to restore their files with minimal problems.
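Because the HugeMe Ransomware keeps EDA2's Shadow Copy erasure, that behaviour is one of the earliest things a defender can watch for in process-creation telemetry. The following Python is an added example, not code from this page or from the malware: it scans a handful of constructed Sysmon-style process-creation lines (the line format is an assumption) for the common Windows commands that delete Volume Shadow Copies (vssadmin, wmic, and PowerShell against Win32_ShadowCopy). The page does not state which command this family uses, so the pattern list is my assumption, and "list shadows" is deliberately left unflagged.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample telemetry (not from the page). Assumed one-record-per-line
# format: "<timestamp> pid=<n> parent=<image> image=<path> cmd=<quoted command line>".
SAMPLE_LOG = r'''
2017-02-15T10:01:02Z pid=1204 parent=explorer.exe image=C:\Windows\System32\notepad.exe cmd="notepad.exe report.docx"
2017-02-15T10:01:09Z pid=1388 parent=winword.exe image=C:\Users\alice\AppData\Local\Temp\invoice.exe cmd="invoice.exe"
2017-02-15T10:01:11Z pid=1402 parent=invoice.exe image=C:\Windows\System32\vssadmin.exe cmd="vssadmin.exe delete shadows /all /quiet"
2017-02-15T10:01:12Z pid=1410 parent=invoice.exe image=C:\Windows\System32\wbem\WMIC.exe cmd="wmic shadowcopy delete"
2017-02-15T10:05:40Z pid=1500 parent=services.exe image=C:\Windows\System32\vssadmin.exe cmd="vssadmin.exe list shadows"
'''

# Command-line shapes that remove Shadow Copies. Assumed list: the page only says
# the Trojan erases Shadow Copy backups, not which tool it invokes.
SHADOW_DELETE_PATTERNS = [
    ("vssadmin delete shadows", re.compile(r"vssadmin(\.exe)?\s+delete\s+shadows", re.I)),
    ("wmic shadowcopy delete", re.compile(r"wmic(\.exe)?\s+shadowcopy\s+delete", re.I)),
    ("Win32_ShadowCopy delete", re.compile(r"win32_shadowcopy.*\bdelete\b", re.I)),
]

LINE_RE = re.compile(
    r'^(?P<ts>\S+)\s+pid=(?P<pid>\d+)\s+parent=(?P<parent>\S+)\s+'
    r'image=(?P<image>\S+)\s+cmd="(?P<cmd>[^"]*)"$'
)


@dataclass
class Alert:
    timestamp: str
    pid: int
    parent: str   # kept so an analyst can see what spawned the deletion
    command: str
    reason: str


def parse_line(line: str) -> Optional[dict]:
    """Parse one assumed-format record; return None for lines that do not match."""
    m = LINE_RE.match(line.strip())
    return m.groupdict() if m else None


def find_shadow_copy_deletion(log_text: str) -> List[Alert]:
    """Return one Alert per process-creation record whose command line deletes Shadow Copies."""
    alerts: List[Alert] = []
    for raw in log_text.splitlines():
        rec = parse_line(raw)
        if rec is None:
            continue
        for label, pattern in SHADOW_DELETE_PATTERNS:
            if pattern.search(rec["cmd"]):
                alerts.append(Alert(
                    timestamp=rec["ts"],
                    pid=int(rec["pid"]),
                    parent=rec["parent"],
                    command=rec["cmd"],
                    reason=f"Shadow Copy deletion via {label}",
                ))
                break  # one alert per record is enough
    return alerts


if __name__ == "__main__":
    for a in find_shadow_copy_deletion(SAMPLE_LOG):
        print(f"{a.timestamp} pid={a.pid} parent={a.parent}: {a.reason} -> {a.command}")
```

On the constructed sample the two deletion commands spawned by the user-profile executable are flagged, while the administrative "list shadows" run under services.exe is not. In practice the parent process is the useful triage field: Shadow Copy deletion launched from a document-handling application or a Temp-directory binary is far more suspicious than the same command from backup software.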

The Trojan also makes contact with an external server to upload the decryption key. When it finishes, the HugeMe Ransomware creates three text files, all of which provide the ransoming instructions for your data. The threat actor asks for the equivalent of one thousand USD in a non-refundable cryptocurrency for unlocking any content.

Shrinking a Cyber Extortionist Down to Size

EDA2 is far from the strongest file encryptor Trojan that malware experts have put under analysis, and, as a family, it can be considered notably weak compared to its competition. However, it may take some time to procure a free decryptor application, and the HugeMe Ransomware's author imposes a five-day limit before threatening to erase the key for decoding your files. Keeping a backup that is not stored on your PC denies this Trojan the leverage it needs to force you to pay a high price for your files.

Even though the HugeMe Ransomware isn't a very professionally-crafted Trojan, its high ransom fee is one that malware researchers most often see within campaigns attacking the business sector. E-mail spam and brute-forced network logins are two of the top methods in use for circulating threats of this kind. Fortunately, a clear majority of anti-malware software brands do detect this Trojan and can delete the HugeMe Ransomware as soon as they scan it.

Whether they're original works or clones of old ones, threats like the HugeMe Ransomware need their victims to endanger themselves with bad file-saving practices and equally poor judgment about how they maintain their network security protocols. Even a simple password change and a backup update are, for many Trojan campaigns, the only actions needed to send their profits down to zero.
