Pants Ransomware Description
The Pants Ransomware is a file-locking Trojan that's part of the Ransomware-as-a-Service, Globe Imposter Ransomware. A secured and non-local backup is the ideal recovery solution to attacks by this family and other RaaSes, which can hold documents and other media as permanent hostages. Reliable anti-malware utilities also will remove the Pants Ransomware without requiring significant user assistance.
Experiencing the Irreverent Side of Trojan Campaigning
The Globe Imposter Ransomware is sticking it out in an increasingly-constricted industry of file-locking Trojan families that vie for attention among criminals with Trojan campaigning know-how. However, the interest that these illicit businesses garner isn't always from the most professional or well-trained attackers. For the Pants Ransomware, a recent member of this Ransomware-as-a-Service, its details suggest an almost playful side to extortion.
As with other versions of Globe Imposter Ransomware (see: the CCHH Ransomware, the Taargo Ransomware, the '.Gif File Extension' Ransomware, or the '.SKUNK File Extension' Ransomware), the Pants Ransomware has a standardized and well-polished payload. It uses secure encryption to block files, documents, images, and other media that might be valuable to the user, particularly. Once it finishes, it marks each 'prisoner' file with a custom extension from its campaign and creates a ransom note. The latter, an HTML page, abides by a template that this family and related ones (the Globe Ransomware and the Dharma Ransomware) often use, and gives mostly-generic text, besides an e-mail for contacting the threat actor.
The hiring threat actor has customized the few elements of this RaaS under his control with unusual and semi-joking choices. The Pants Ransomware names its ransoming instructions with profanity, has the random selection of 'pants' as its extension, and has a thematically distinct (possibly, a music or comic book reference) e-mail address. The result is a Trojan that, while attacking similarly to any Ransomware-as-a-Service, shows an attitude that's reminiscent of 'freeware' Trojans like Hidden Tear or the Jigsaw Ransomware.
A Shield Betraying Its Wielder
Victims should withhold any ransom payments they're considering, if possible. Many threat actors provide unreliable or fake decryption assistance and demand ransoms through channels that lack suitable refund protections. As a rule, malware experts insist on backups on separate devices as a preferable and always-dependable solution for saving files.
Reliable anti-malware products for Windows systems will protect most PCs and block infection exploits from most channels. They also can disinfect PCs and remove the Pants Ransomware installations, but not unlock or decrypt any files.
The Pants Ransomware is a buffoonish and vulgar Trojan, but just as hostile to files' data as any straight-faced creation from the Crysis Ransomware's Trojan-engineering kit. Assailants aren't always solemn in demeanor, and anyone on Windows should take this Trojan, and their backups, deadly seriously.
Use SpyHunter to Detect and Remove PC Threats
If you are concerned that malware or PC threats similar to Pants Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.
Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.