Malabu Ransomware
Posted: April 18, 2017
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Threat Level: | 10/10 |
---|---|
Infected PCs: | 0 |
First Seen: | April 18, 2017 |
---|---|
OS(es) Affected: | Windows |
The Malabu Ransomware is a low-quality crypto-threat that can lock files but, thankfully, a free decryption utility has been released to tackle this threat's encryption already. Regardless of the availability of a free decryptor, having your files locked by the Malabu Ransomware is still an unpleasant experience since the threat can encrypt the contents of documents, images, spreadsheets, archives, databases, various media files, and other files that are likely to contain important information. Unsurprisingly, the author of the Malabu Ransomware offers to provide victims with help in exchange for money - $500 to be exact. However, the ransom message that the Malabu Ransomware delivers also threatens victims that the ransom sum will be increased to $1,000 if the transaction of $500 is not completed within 48 hours of the attack.
The Cyber Crooks Demand $500 to Reverse the Ransomware's Weak Encryption
The exact distribution techniques that the authors of the Malabu Ransomware use to spread their creation are undisclosed, but it is likely that they will rely on some of the most popular threat distribution methods – fake downloads, fake updates, fraudulent email messages with an attachment or pirated software. Users should follow some of the primary safe browsing tips and, in addition to this, they also should make sure that a reputable anti-virus software suite is protecting their computers at all times.
'YOUR WINDOW IS HACKED
ALL YOUR FILES, DOCUMENTS, DATAS, VIDEOS, PICTURES, MP3s ARE ENCRYPTED. YOUR COMPUTER SCREEN IS ALSO LOCKED.
YOU'VE BEEN HACKED WITH the Malabu Ransomware.
YOU WILL PAY US $500 INTO OUR BITCOIN ADDRESS BELOW AND WE WILL GIVE YOU THE KEY TO DECRYPT, AND YOU WILL GET YOUR FILES BACK. AFTER 48 HRS, YOU WILL PAY $1000 MORE. WE DON'T GIVE A FUCK.. IF YOU DELAY, YOU LOOSE ALL
1EBbTjEmGN2w5kUN6uPLyU5e8x7zjRt8J
[Hide More Details]
(1) LOOK FOR BITCOIN SERVICES ONLINE
(2) REGISTER AND GET A BITCOIN WALLET
(3) BUY $500 BITCOIN ONLINE
(4) PAY INTO OUR BITCOIN ADDRESS ABOVE(IN YELLOW)
(5) PAY WITHIN 48 HOURS OR YOU WILL PAY $1000 AFTER
(6) FAILURE TO PAY WITHIN A WEEK MAKES YOU TO LOOSE ALL
(7) SEND YOUR PAYMENT DETAILS TO OUR EMAIL
steverusell@mail.com
(8) WE WILL GIVE YOU THE KEY TO DECRYPT \ REMOVE THE MALWARE'
If users fail to do this and execute the Malabu Ransomware's corrupted executable on their computers, they might not notice anything suspicious at first. The ransomware will launch a background process that scans the computer and identifies the files that are suitable for encryption. Every file that the Malabu Ransomware encrypts also will have its extension changed to '.fucked' (e.g. 'image.png' will be changed to 'image.png.fucked'). Surprisingly, the Malabu Ransomware does not leave a plain-text ransom message and, instead, uses a screen locker to deliver the attacker's demands. Apart from the ransom sum and payment instructions, the lock screen also includes the email steverusell@mail.com for contact, and a field to enter the decryption key required to restore the files. The good news is that, as we already mentioned, the free 'StupidDecrypter' software can restore the files locked by the Malabu Ransomware. Victims of this threat should use an anti-malware software suite to remove the ransomware immediately, and then proceed to use the free decryptor to get their files back to normal.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.