Pandemic Ransomware

Posted: August 13, 2020

The Pandemic Ransomware is a file-locking Trojan that's a variant of the BigLock Ransomware. The Pandemic Ransomware blocks most non-essential files on the user's computer, including both media formats and others, and asks for a ransom in a text file. Windows users with backups should have convenient alternatives to its ransom service, and most systems with anti-malware protection should remove the Pandemic Ransomware immediately.

A Trojan with Exceptionally Inclusive Ransom Plans

The Pandemic Ransomware takes its theme from the highly relevant subject of global disease, but this minor reworking of the BigLock Ransomware has additional issues that are just as threatening as a virus. Similar in tactics to threats like Hidden Tear or the Dharma Ransomware, it blocks the victim's digital content and holds it hostage while waiting for a ransom through an anonymous website. What makes the Pandemic Ransomware even worse than many competing families is the lack of 'brakes' on encryption, the means of locking files.

The Pandemic Ransomware runs in most Windows environments and uses a combination of AES and ChaCha algorithms for encrypting content securely. A vital qualifier for this attack is that the Pandemic Ransomware will target most files without sorting them by formats. Malware experts can confirm that the Pandemic Ransomware even targets files without extensions. It also attacks non-default folders, instead of specifying media-related ones like Documents and Pictures.

The Pandemic Ransomware's name change comes from the disease-themed extension that it adds to files, which helps victims identify the digital 'hostages.' It also has a more extended, revamped version of BigLock Ransomware's ransom note. The program uses a combination of a TOR website and Telegram for providing the details about the premium data recovery service. Malware experts recommend not paying, if possible, but can't offer a free decryption utility for the Pandemic Ransomware or BigLock Ransomware, at this time.
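Because the Trojan does not filter by format or folder and marks its victims with an added extension, a defender can watch for that outcome without knowing the extension in advance. The following sketch is an added example, not code from the original article or from any vendor: it snapshots a directory tree (extensionless files included) and flags files that vanished while a same-named file with an extra suffix and near-random content appeared. The function names, the 7.0 bits-per-byte threshold, and the `.placeholder` suffix in the constructed sample are assumptions.

```python
import math, os, tempfile
from collections import Counter
from pathlib import Path

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; encrypted output sits close to 8.0."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def snapshot(root: Path) -> dict:
    """Map every regular file under root (with or without an extension) to its entropy."""
    return {p.relative_to(root).as_posix(): entropy(p.read_bytes())
            for p in root.rglob("*") if p.is_file()}

def suspicious(root: Path, baseline: dict, threshold: float = 7.0) -> list:
    """Return (old, new) pairs where a baseline file is gone and '<old>.<suffix>'
    now exists with entropy at or above the threshold. The suffix is not hard-coded."""
    current = snapshot(root)
    hits = []
    for old, old_entropy in baseline.items():
        if old in current:
            continue  # file still present under its original name
        for new, new_entropy in current.items():
            if new.startswith(old + ".") and new_entropy >= threshold > old_entropy:
                hits.append((old, new))
    return sorted(hits)

def demo() -> list:
    """Constructed sample tree; one extensionless file is replaced to mimic the symptom."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        tool = root / "data" / "tool"          # a non-default folder
        tool.mkdir(parents=True)
        (root / "data" / "report.txt").write_text("quarterly figures\n" * 200)
        (tool / "LICENSE").write_text("permission is granted\n" * 200)
        base = snapshot(root)
        # Simulated after-state: original removed, suffixed copy holds random bytes.
        (tool / "LICENSE").unlink()
        (tool / "LICENSE.placeholder").write_bytes(os.urandom(4096))
        return suspicious(root, base)

if __name__ == "__main__":
    print(demo())
```

Files that were already compressed or encrypted in the baseline exceed the threshold before any attack, so this check skips them; comparing content hashes against a backup manifest covers that case.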

Quarantining a Software-Based Plague

The implications of the Pandemic Ransomware infections are broader than those of most file-locker Trojans under malware experts' microscopes. Because it can target so many file types and locations, it has a high chance of damaging installed programs. The Pandemic Ransomware even 'locks' some files in the normally-sacrosanct Windows directory, although it doesn't disable the operating system intentionally.

Users needing advanced recovery procedures may boot their machines through USB devices or DVDs, and repair Windows (and other programs) as necessary. Given that there is no freeware solution to the Pandemic Ransomware's encryption, users also should keep backups on other devices, which render the file-locking attack, and its ransom, a mostly irrelevant proposition. Infection vectors for the Pandemic Ransomware may cover a diverse range, from e-mail attachments to torrents and direct, password-cracking, brute-force attacks.

Anti-malware programs from the usual reliable sources have few issues identifying this Trojan as a threat, although samples provided to reputable companies can further improve these statistics. Windows users can uninstall the Pandemic Ransomware through typical anti-malware services while scanning the PC.

The symptoms of a Pandemic Ransomware infection are roughly analogous to a global pandemic. Like COVID-19, it taints everything it touches, unless those nearby take the right steps for quarantine and containment.
