Malabu Ransomware

Posted: April 18, 2017

Threat Metric

The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to give every identifiable malware threat. Our Threat Meter includes several criteria based off of specific malware threats to value their severity, reach and volume. The Threat Meter is able to give you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count, Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic breakdown of how all threats are ranked within our own extensive malware database. The scoring for each specific malware threat can be easily compared to other emerging threats to draw a contrast in its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to remove a threat or pursue additional analytical research for all types of computer users.

The following fields listed on the Threat Meter containing a specific value, are explained in detail below:

Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.

Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.

Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.

Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.

% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.

Threat Level:	10/10
Infected PCs:	0

First Seen:	April 18, 2017
OS(es) Affected:	Windows

The Malabu Ransomware is a low-quality crypto-threat that can lock files but, thankfully, a free decryption utility has been released to tackle this threat's encryption already. Regardless of the availability of a free decryptor, having your files locked by the Malabu Ransomware is still an unpleasant experience since the threat can encrypt the contents of documents, images, spreadsheets, archives, databases, various media files, and other files that are likely to contain important information. Unsurprisingly, the author of the Malabu Ransomware offers to provide victims with help in exchange for money - $500 to be exact. However, the ransom message that the Malabu Ransomware delivers also threatens victims that the ransom sum will be increased to $1,000 if the transaction of $500 is not completed within 48 hours of the attack.

The Cyber Crooks Demand $500 to Reverse the Ransomware's Weak Encryption

The exact distribution techniques that the authors of the Malabu Ransomware use to spread their creation are undisclosed, but it is likely that they will rely on some of the most popular threat distribution methods – fake downloads, fake updates, fraudulent email messages with an attachment or pirated software. Users should follow some of the primary safe browsing tips and, in addition to this, they also should make sure that a reputable anti-virus software suite is protecting their computers at all times.

'YOUR WINDOW IS HACKED
ALL YOUR FILES, DOCUMENTS, DATAS, VIDEOS, PICTURES, MP3s ARE ENCRYPTED. YOUR COMPUTER SCREEN IS ALSO LOCKED.
YOU'VE BEEN HACKED WITH the Malabu Ransomware.
YOU WILL PAY US $500 INTO OUR BITCOIN ADDRESS BELOW AND WE WILL GIVE YOU THE KEY TO DECRYPT, AND YOU WILL GET YOUR FILES BACK. AFTER 48 HRS, YOU WILL PAY $1000 MORE. WE DON'T GIVE A FUCK.. IF YOU DELAY, YOU LOOSE ALL
1EBbTjEmGN2w5kUN6uPLyU5e8x7zjRt8J
[Hide More Details]
(1) LOOK FOR BITCOIN SERVICES ONLINE
(2) REGISTER AND GET A BITCOIN WALLET
(3) BUY $500 BITCOIN ONLINE
(4) PAY INTO OUR BITCOIN ADDRESS ABOVE(IN YELLOW)
(5) PAY WITHIN 48 HOURS OR YOU WILL PAY $1000 AFTER
(6) FAILURE TO PAY WITHIN A WEEK MAKES YOU TO LOOSE ALL
(7) SEND YOUR PAYMENT DETAILS TO OUR EMAIL
steverusell@mail.com
(8) WE WILL GIVE YOU THE KEY TO DECRYPT \ REMOVE THE MALWARE'

If users fail to do this and execute the Malabu Ransomware's corrupted executable on their computers, they might not notice anything suspicious at first. The ransomware will launch a background process that scans the computer and identifies the files that are suitable for encryption. Every file that the Malabu Ransomware encrypts also will have its extension changed to '.fucked' (e.g. 'image.png' will be changed to 'image.png.fucked'). Surprisingly, the Malabu Ransomware does not leave a plain-text ransom message and, instead, uses a screen locker to deliver the attacker's demands. Apart from the ransom sum and payment instructions, the lock screen also includes the email steverusell@mail.com for contact, and a field to enter the decryption key required to restore the files. The good news is that, as we already mentioned, the free 'StupidDecrypter' software can restore the files locked by the Malabu Ransomware. Victims of this threat should use an anti-malware software suite to remove the ransomware immediately, and then proceed to use the free decryptor to get their files back to normal.

Malabu Ransomware

Threat Metric

The Cyber Crooks Demand $500 to Reverse the Ransomware's Weak Encryption

Leave a Reply