Bam! Ransomware

Posted: July 25, 2017

Threat Metric

Ranking: 14,995
Threat Level: 10/10
Infected PCs: 162
First Seen: July 25, 2017
Last Seen: September 14, 2023
OS(es) Affected: Windows

The Bam! Ransomware is a Trojan that encrypts your files to lock them until you pay its ransom. Because paying carries the risk of not receiving a real decryption solution, malware researchers recommend free decryptors or backups as the ideal recovery options for any locked media. You also may use appropriate security software for removing the Bam! Ransomware after an encryption attack happens, although most PCs with anti-malware protection should delete the Bam! Ransomware before it causes any harm.

Cyber Misdeed as Onomatopoeia

Even for the most derivative of Trojans, branding is a way con artists can give a unique identity to their attacks and create emotional responses from the people they attack. For the recently-identified Bam! Ransomware, this brand takes the form of onomatopoeia, a word that represents a sound, and in this case one that appropriately implies violence. The payload, like those of most threats of the year, specializes in converting data-encoding attacks into money.

The Bam! Ransomware is unlikely to be an independent project, although malware analysts have yet to find sufficient evidence that it is a clear variation on similar threats like the Jigsaw Ransomware. When it launches, the Bam! Ransomware searches the directories of the compromised PC for different formats of media, including JPG, PNG, and DOC, and encrypts them. The Trojan's threat actors are choosing to hold the decryption software hostage, rather than the key to the algorithm, possibly to limit any analysis by the security industry.

Other symptoms malware analysts can confirm in the Bam! Ransomware's attacks include:

  • The Trojan renames every file that it locks by appending the '.bam!' tag to the name (without overwriting any other extensions that already exist).
  • The Bam! Ransomware also creates a pop-up that it may launch in a screen-locking format (a window that takes up the entire screen without letting you close, minimize or resize it). Besides the standard warning message, the Bam! Ransomware asks the victim to contact one of two e-mail addresses for the decryption program. It includes a live, one-day time limit but doesn't detail the payment methods or price.

Pulling the Trigger against the Bam! Ransomware Attacks

The Bam! Ransomware may be distributing itself as a fake download, such as a game patch or crack, gaining access via e-mail spam, or benefiting from the drive-by-download attacks of any of several exploit kits. To keep your PC safe, disable scripts and other content when they're unneeded, avoid pirated download resources, and scan any incoming files with appropriate anti-malware solutions. Preventative security protocols are especially valuable against threats like the Bam! Ransomware, whose encryption methods are still unidentified and which, therefore, have the potential for encoding your files permanently.

Media such as documents, pictures, archives, audio, and Microsoft Office-related formats are likely to be damaged by the Bam! Ransomware and threats that are similar to it in nature. Copying backups of this content to a safe location, such as a detachable USB device, can limit the Bam! Ransomware's bargaining power and remove any need for a decryption service. Malware analysts also recommend using copies of the encoded content with free decryption software, if necessary, after deleting the Bam! Ransomware with any anti-malware product that you prefer.
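For scoping the damage after the Trojan is removed, the following added example (not code from this article or from any security vendor) inventories files carrying the '.bam!' tag described in the symptoms above and checks which of them have a clean copy in a backup folder. The function names, the case-insensitive match, the sample tree built in demo(), and the assumption that the backup mirrors the original folder layout are all illustrative; the script only reads file names and changes nothing on disk.

```python
import os
import tempfile
from collections import Counter
from pathlib import Path

LOCKED_SUFFIX = ".bam!"  # tag the article says is appended to each locked file

def original_name(name):
    """Return the pre-attack file name, or None if the tag is absent."""
    if name.lower().endswith(LOCKED_SUFFIX) and len(name) > len(LOCKED_SUFFIX):
        return name[: -len(LOCKED_SUFFIX)]  # earlier extensions are preserved
    return None

def inventory(root, backup_root=None):
    """Walk root, list locked files, and note which have a backup copy."""
    root = Path(root)
    report = {"locked": [], "restorable": [], "no_backup": [], "by_type": Counter()}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            orig = original_name(name)
            if orig is None:
                continue
            rel = (Path(dirpath) / orig).relative_to(root)
            report["locked"].append(rel)
            report["by_type"][Path(orig).suffix.lower() or "(none)"] += 1
            # Assumption: the backup mirrors the original directory layout.
            if backup_root is not None and (Path(backup_root) / rel).is_file():
                report["restorable"].append(rel)
            else:
                report["no_backup"].append(rel)
    return report

def demo():
    """Build a constructed sample tree (not real victim data) and scan it."""
    tmp = Path(tempfile.mkdtemp())
    live, backup = tmp / "live", tmp / "backup"
    (live / "docs").mkdir(parents=True)
    (backup / "docs").mkdir(parents=True)
    for rel in ("docs/report.doc.bam!", "photo.JPG.BAM!", "notes.txt"):
        (live / rel).write_bytes(b"constructed sample")
    (backup / "docs" / "report.doc").write_bytes(b"clean copy")
    return inventory(live, backup)

if __name__ == "__main__":
    r = demo()
    print("locked:", [p.as_posix() for p in r["locked"]])
    print("no backup:", [p.as_posix() for p in r["no_backup"]], dict(r["by_type"]))
```

Files listed under "no_backup" are the ones worth copying aside for a possible free decryptor, as recommended above.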

Similarly to the Jigsaw Ransomware family, the Bam! Ransomware uses time limitations and in-your-face themes to push its victims into paying hastily. On the other hand, paying a con artist doesn't promise that you'll get anything in exchange, which is why a Trojan-endorsed decryptor always can be assumed to be a 'bad faith' deal.