Home Malware Programs Ransomware PACMAN Wakka Wakka Ransomware

PACMAN Wakka Wakka Ransomware

Posted: April 10, 2019

The PACMAN Wakka Wakka Ransomware is a file-locking Trojan that encrypts your files, which prevents them from opening, and displays a Pacman-themed pop-up. Users should be careful about restarting their computers or implementing other security steps since this Trojan doesn't preserve the decryption key once it closes. Backups can serve as protection for your files against its attacks, and traditional anti-malware services should uninstall the PACMAN Wakka Wakka Ransomware safely or block any install attempt.

The Arcade Climbs into Your Computer

The cyber-security industry is verifying another, orphan of a file-locker Trojan that isn't a build of a well-explored release like Hidden Tear or the Ransomware-as-a-Service sector's Scarab Ransomware. The data that malware experts can gather shows that the PACMAN Wakka Wakka Ransomware's campaign isn't profitable, for now, but its file-locking attacks are, unfortunately, operational. What's even worse than that is that the PACMAN Wakka Wakka Ransomware doesn't make any particular efforts at guaranteeing the future possibility of an unlocking solution to the unknowing victims.

The PACMAN Wakka Wakka Ransomware encrypts files using AES, like a majority of the file-locker Trojans out in circulation. While it flags the content that it locks this way with an extension-adding feature, the threat actor chose to insert the extension just before the original, which doesn't disassociate the file from the related program (for instance, a BMP image file will continue opening in Microsoft's Paint). Since the data still is encrypted, however, this oddity doesn't change the overall outcome of the file becoming unusable.

With the documents and other media kept for ransom, the PACMAN Wakka Wakka Ransomware delivers its demands for the traditional Bitcoin payment through a creative, Pacman-themed pop-up window. The PACMAN Wakka Wakka Ransomware offers language selection in German or English and a wallet address for paying that, as of early April, has no transactions. Importantly, malware experts warn that since the PACMAN Wakka Wakka Ransomware doesn't upload its decryption code anywhere and doesn't save it locally, once the Trojan closes, the solution is gone – whether or not the victim pays the 0.2 Bitcoins.

Putting Gaming Mascots on Diets

The PACMAN Wakka Wakka Ransomware shows off how threatening taking criminals at their words can be since the ransoming payments have nothing to do with how recoverable their files are with a decryption service. A similar risk is notable on a competing family of file-locker Trojans, the Jigsaw Ransomware, which deletes the hostage files upon its restarting, instead of losing the key. As a precaution against all attacks of this type, malware experts advise all users have work on a backup that isn't available locally and has appropriate security measures.

Since malware experts can't verify infected systems in the wild, how the PACMAN Wakka Wakka Ransomware may install itself is a question with many, possible answers. Spam e-mail campaigns with fake financial documents, torrents, and brute-force attacks against Web servers and local networks are some of the strategies currently in play. Professional anti-malware tools may keep your system safe by removing the PACMAN Wakka Wakka Ransomware or quarantining it in the installation exploit.

The PACMAN Wakka Wakka Ransomware may look colorful and friendly, but it's a case of video gaming branding going rogue. There's nothing lovable about a Pacman that eats your files, especially, when he refuses to cough them back up to you.

Loading...