Home Malware Programs Ransomware Bepabepababy Ransomware

Bepabepababy Ransomware

Posted: November 13, 2020

The Bepabepababy Ransomware is a file-locking Trojan from the Globe Imposter Ransomware family. The Bepabepababy Ransomware may stop files from opening by encrypting them, add secondary extensions to their names, and create HTML ransom notes (similar to those of the Globe Ransomware). Users with backups on other devices should recover quickly, and most PC security products should block or delete the Bepabepababy Ransomware.

Inappropriate Memes Reappearing in a Trojan Campaign

A spin-off of the Globe Imposter Ransomware, the Bepabepababy Ransomware, is taking the ironically-old theme of grabbing random Internet memes or joking slang for its title. It's a minor variant of its family with all known attacks in kind with past releases; this version is out in the wild since mid-October. As always, Windows systems users without the proper precautions are at risk from the Bepabepababy Ransomware attacks, which cause more far harm than jocularity.

The Bepabepababy Ransomware contains most of the features that any PC security enthusiast might expect of the Globe Imposter Ransomware family, as per old versions like the CCHH Ransomware, the BKC Ransomware, the PSCrypt Ransomware or the Eq Ransomware. It uses an encryption routine for converting media files (documents, spreadsheets, archives, pictures, audio, etc.) into non-opening copies and appends its campaign's extension onto their names. While malware analysts can't confirm any additional data-deleting features, in this case, most members of the Globe Imposter Ransomware family will delete the Restore Points.

The Bepabepababy Ransomware generates a local Web page resembling the Globe Ransomware family's ransom note after locking the files. It asks for an unknown ransom for recovering data and provides an e-mail for negotiating with the threat actor. Victims should remember that ransom transactions with criminals are risky means of unlocking files and don't always pay off – and refunds for cryptocurrency transactions (like Bitcoins) tend to require consent from both parties.

Presenting a Straight Face to a Trojan's Poor Sense of Humor

Besides the vulgar meme in its name and related cosmetics symptoms, the Bepabepababy Ransomware's payload has not much that makes it different from other Globe Imposter Ransomware members. However, due to its attack routines' consistency, users can dependably protect themselves by following the standard guidelines. Backups on different devices can facilitate media recovery, and most PC security products will identify the Bepabepababy Ransomware infections or drive-by-download attempts on sight.

Windows users at risk also should consider tailoring their Web-browsing behavior for their PC's security and limiting the Bepabepababy Ransomware's distribution possibilities. Disabling features such as JavaScript and Flash will remove many opportunities for drive-by-download attacks from Exploit Kits and other sources. E-mail attachments from unexpected senders, particularly documents with macros, should receive security scans from AV and threat-detection tools before opening. Password guidelines also can help against dictionary attacks that estimate simpler login combinations.

A reliable and updated anti-malware service should identify file-locker Trojans from significant families, encompassing the Crysis Ransomware, the STOP Ransomware, Globe Ransomware, and the Bepabepababy Ransomware's Globe Imposter Ransomware. Windows users with appropriate protection can use their security services for deleting the Bepabepababy Ransomware without much risk of file loss.

The attentiveness that threat actors pay to the Web's modern lingo also points to their ongoing social engineering interest. Users who forget that words can become drive-by-downloads could find themselves at the business end of the Bepabepababy Ransomware's ransom demands, hopefully, with a backup for compensation.

Loading...