Home Malware Programs Ransomware Artemis Ransomware

Artemis Ransomware

Posted: October 15, 2020

The Artemis Ransomware is a file-locking Trojan that can block media such as documents with its encryption routine. It's a relative of the PewPew Ransomware and includes that threat's signature features, such as the HTA ransom note. Users with protected backups should find recovery easy, although traditional security products should block the Artemis Ransomware attacks and remove the threat immediately.

From Sound Effects to Greek Myth in One Update

The PewPew Ransomware, a recently-appearing Trojan family, already is splitting off into variants, with unknown threat actors taking advantage of the new tools for extortion. The Artemis Ransomware is the earliest update malware experts can verify, and most of its features are repeats of its onomatopoeic ancestor. With samples not disguising their Greek mythology-referencing names, the campaign's theme might or might not relate to the infection exploits in any meaningful way.

Named after the Greek huntress-goddess of the moon, the Artemis Ransomware hunts after the user's files appropriately by launching an attack that searches for media (documents, pictures, archives, and music are prominent examples) and encrypts or locks it. Keeping with the mores of most Ransomware-as-a-Services, it also changes their filenames and inserts ransom-related data and its extension superficially.

Like the PewPew Ransomware, the Artemis Ransomware uses a preexisting template for its ransom note that malware experts find in multiple families, including the Globe Imposter Ransomware, the Crysis Ransomware and the Globe Ransomware. Besides updating the e-mail for negotiations, the Artemis Ransomware's messages are identical to the old ones, with a generic ransoming request and an offer for a free demonstration for a few files.

Naturally, victims should reconsider paying due to the risks of faithlessness on the threat actor's part.

Arrow-Proofing Files with Protective Armor

Religious folklore isn't an infrequent stopping-point for Trojans (compare and contrast the Artemis Ransomware with the Sekhmet Ransomware or the VenusLocker Ransomware). In almost every instance, it doesn't adequately inform on the campaign's geographical targets. Typically, Windows users are most at risk, and our malware experts are verifying the Artemis Ransomware's compatibility with most versions of that OS.

This family remains relatively new, and there are no decryption solutions on the web for free. For most attacks, any file recovery without an unaffected backup remains speculative. Preventing infections is much more viable for most Windows users. That's practically possible through disabling features like Flash, JavaScript, or macros, using strong passwords, and being cautious around security risks like e-mail attachments or torrents.

Anti-malware products should catch and delete the Artemis Ransomware during installation exploits or afterward efficiently. Since current rates for detection across the security industry are sub-optimal, users should consider quarantining and submitting samples to reputable researchers and AV vendors.

The first step into a Trojan starting a family is always an important event. The Artemis Ransomware might not deliver anything new in its moonlight-tipped arrows, but a proven cyber-warfare weapon is more than deadly adequately.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Artemis Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria .

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Related Posts