Godsomware Ransomware

The Godsomware Ransomware is a file-locker Trojan whose attacks display ransom-themed pop-ups and may try to block you from opening your media. Some of its symptoms are similar in design to those of the WannaCryptor Ransomware, although this threat isn't a direct relative, and the Godsomware Ransomware is missing a full encryption feature. Use backups as required for saving your files, and appropriate anti-malware tools for deleting the Godsomware Ransomware safely from your computer.

A Self-Declared God Trolls Your Monitor

A file-locker Trojan whose file-locking feature is incomplete is using a highly-aggressive ransoming message that could pull double duty by confusing its victims about its identity. The Godsomware Ransomware, an independent program by an unknown threat actor, is doing its best to mimic the much more well-known WannaCryptor Ransomware or '.wcry File Extension' Ransomware while using extortionist attacks that block the Windows desktop. The builds that malware experts have available for examination, however, show that the Trojan requires more updating before its 'official' release.

The Godsomware Ransomware is a Windows-based application that includes no noteworthy concealment features, such as a hijacked digital certificate or UPX packing. While its author may add such details for future, 'live' releases, the Godsomware Ransomware's 1.0 release is in a status of early development. Although its file-locking function, which could block files by encrypting them with conventional algorithms like the AES-256, isn't active, the Godsomware Ransomware does deliver a series of ransom-related warnings that assume that the users are no longer capable of opening their media files, such as documents or pictures.

What malware experts can confirm as working with the Godsomware Ransomware's payload is its screen-locker feature, which creates a desktop-blocking pop-up warning and an additional series of flashing pop-ups. After running through these meme-themed windows sequentially, the Godsomware Ransomware loads its last message, which copies the ransom note from the WannaCryptor Ransomware family. A timer and a Bitcoin transaction interface for the ransoms are two of the most noteworthy elements. Victims should, however, remember that paying doesn't give any access to a decryption service for recovering any files automatically.

Getting a Glitchy 'God' Out of the Machine

The Godsomware Ransomware isn't a polished work on the same level as most Ransomware-as-a-Service projects, like the Crysis Ransomware, the Globe Ransomware or the semi-Russian Scarab Ransomware families. Its author has yet to correct various deficiencies with the Trojan, including a series of generic Windows DLL error messages that run along with its pop-ups. Despite these problems, the Godsomware Ransomware may be capable of harming your files in its improved releases or represent a nuisance that sabotages your access to the Windows user interface.

If the Godsomware Ransomware prevents any access to necessary software or UI elements, malware researchers recommend restarting the computer with the Safe Mode boot-up option. Although the prompts for accessing that interface vary with the version of Windows, all modern versions of that OS include such a feature for blocking any unwanted, automatically-launching programs. Virtually any updated, credible anti-malware service should delete the Godsomware Ransomware from your computer without trouble, in the Trojan's current state.

The hard-coded password of '29b579fb811f05c3c334a2bd2646a27a' can give any victims a chance to close the Godsomware Ransomware's pop-up and, possibly, run the decryptor. As easy as such a solution is, all users who are tempted to treat all file-locker Trojans as being resolvable as easily as the Godsomware Ransomware are gambling with their files for no good reason.