
Nog4yH4n Project Ransomware

Posted: September 25, 2018

The Nog4yH4n Project Ransomware is a variant of Hidden Tear, a frequently modified file-locker Trojan whose source code is available to threat actors without charge. This version of Hidden Tear includes Notepad ransoming messages and may hijack your desktop, along with blocking media files on your computer. Users should respond to infections by recovering via backups or using free decryptors to restore any work, and by letting a reliable brand of anti-malware software uninstall the Nog4yH4n Project Ransomware.

Another Files-For-Money Campaign Comes Out of Hiding

Modernized, wallpaper-hijacking variants of Hidden Tear like the Qinynore Ransomware face increasing competition from similar threats, along with older members of the family like the Tear Dr0p Ransomware, the Genocheats Ransomware, or the Ordinal Ransomware fork. The latest version of Hidden Tear to include substantial cosmetic features is the Nog4yH4n Project Ransomware. This alias, transliterated as 'Nogayhan,' was previously used by threat actors who hacked into websites and modified the landing pages to display warning messages. However, malware analysts conclude that there is no evidence of a connection between those campaigns and the Nog4yH4n Project Ransomware's attacks.

AES encryption is the most significant non-cosmetic feature of the Hidden Tear family, and the Nog4yH4n Project Ransomware, like its numerous relatives, uses this function for blocking the infected PC's private media files. Documents, archives, pictures, and spreadsheets are typical examples of formats at high risk of being encrypted and locked. This background-running feature gives the threat actor leverage for extorting money by the methods noted below.

The aesthetic features of the Nog4yH4n Project Ransomware include:

  • A Notepad-formatted ransoming note delivers the criminal admin's demands for payment in exchange for assisting with the file recovery process. Any victims should remember that paying ransoms doesn't always give you a decryption service and that Hidden Tear, as a semi-open-source project, has freeware alternatives.
  • The 'locked' extension that the Nog4yH4n Project Ransomware appends to the filenames can provide some help with identifying what media will not open. However, users should avoid identifying infections by this trait alone, since it's a symptom that the Nog4yH4n Project Ransomware shares with other file-locker Trojans, like 2017's CyberDrill Ransomware.
  • Lastly, the Nog4yH4n Project Ransomware takes the relatively unusual step, for Hidden Tear variants, of changing the user's desktop wallpaper. Currently, the program replaces it with an image depicting a stack of USD bills without any ransom-related information.
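The caution in the second item above can be put into practice with a triage pass that treats the 'locked' extension as only one signal. The following is an added example, not part of the original article or any decryptor project: it inventories `.locked` files and checks whether their contents look like ciphertext by byte entropy. The 7.5 bits-per-byte threshold, the 64 KiB sample size and the file names in the demo are assumptions chosen for illustration.

```python
import math
import os
import tempfile
from collections import Counter
from pathlib import Path

LOCKED_SUFFIX = ".locked"   # extension named in the article
ENTROPY_MIN = 7.5           # assumed threshold (bits per byte) for "looks encrypted"
SAMPLE_BYTES = 65536        # assumed sample size read from the start of each file


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; AES output sits close to 8.0."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def triage(root) -> dict:
    """Map each *.locked file under root to a verdict based on content, not name."""
    results = {}
    for path in Path(root).rglob("*" + LOCKED_SUFFIX):
        if not path.is_file():
            continue
        with path.open("rb") as fh:
            sample = fh.read(SAMPLE_BYTES)
        encrypted = shannon_entropy(sample) >= ENTROPY_MIN
        key = str(path.relative_to(root))
        results[key] = "likely-encrypted" if encrypted else "renamed-or-plaintext"
    return results


def demo() -> dict:
    """Run triage over constructed sample files (not real ransomware output)."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        # Random bytes stand in for AES ciphertext.
        (root / "report.docx.locked").write_bytes(os.urandom(4096))
        # Readable text that merely carries the extension.
        (root / "notes.txt.locked").write_bytes(b"plain text still readable\n" * 100)
        # High-entropy file without the extension: out of scope for this check.
        (root / "photo.jpg").write_bytes(os.urandom(4096))
        return triage(root)


if __name__ == "__main__":
    for name, verdict in sorted(demo().items()):
        print(f"{verdict:22} {name}")
```

High entropy corroborates the extension but does not name the family, so a "likely-encrypted" result still needs the ransom note, wallpaper change or an anti-malware detection before attributing it to a specific Trojan.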

Cheapening the Cost of the Latest Hacking Evolution

Different file-locking Trojans' campaigns employ a range of strategies for breaking into PCs and gaining access to media to block. Website servers are especially at risk from brute-force attacks that guess the admin's login credentials, whereas business entities are at equal risk from both brute-forcing and targeted spam e-mails. Local networks also are in greater danger of having files on multiple machines held for ransom, although malware experts note that the Nog4yH4n Project Ransomware, as a Hidden Tear update, doesn't copy itself to other PCs or removable devices directly.

Rigorous scheduling and proper maintenance of backups, especially ones on other devices, can keep your files safe from the Nog4yH4n Project Ransomware and the rest of Hidden Tear's many re-releases. While decryption solutions for this family are accessible to the public at no cost, decryptors aren't always equally compatible with every member of a file-locking Trojan's family. However, standard anti-malware products can protect your computer by removing the Nog4yH4n Project Ransomware immediately in a majority of infection situations.

The Nog4yH4n Project Ransomware is a simple attempt by an anonymous criminal to hijack someone else's notoriety for a different, but equally illicit, means of making money. Since Hidden Tear is available to virtually anyone with an interest in misusing it, PC users should keep at least one copy of every file that's worth paying for locked up tight.
