Pants Ransomware

Posted: August 21, 2020

Pants Ransomware Description

The Pants Ransomware is a file-locking Trojan that's part of the Ransomware-as-a-Service, Globe Imposter Ransomware. A secured and non-local backup is the ideal recovery solution to attacks by this family and other RaaSes, which can hold documents and other media as permanent hostages. Reliable anti-malware utilities also will remove the Pants Ransomware without requiring significant user assistance.

Experiencing the Irreverent Side of Trojan Campaigning

The Globe Imposter Ransomware is sticking it out in an increasingly-constricted industry of file-locking Trojan families that vie for attention among criminals with Trojan campaigning know-how. However, the interest that these illicit businesses garner isn't always from the most professional or well-trained attackers. For the Pants Ransomware, a recent member of this Ransomware-as-a-Service, its details suggest an almost playful side to extortion.

As with other versions of Globe Imposter Ransomware (see: the CCHH Ransomware, the Taargo Ransomware, the '.Gif File Extension' Ransomware, or the '.SKUNK File Extension' Ransomware), the Pants Ransomware has a standardized and well-polished payload. It uses secure encryption to block files, documents, images, and other media that might be valuable to the user, particularly. Once it finishes, it marks each 'prisoner' file with a custom extension from its campaign and creates a ransom note. The latter, an HTML page, abides by a template that this family and related ones (the Globe Ransomware and the Dharma Ransomware) often use, and gives mostly-generic text, besides an e-mail for contacting the threat actor.

The hiring threat actor has customized the few elements of this RaaS under his control with unusual and semi-joking choices. The Pants Ransomware names its ransoming instructions with profanity, has the random selection of 'pants' as its extension, and has a thematically distinct (possibly, a music or comic book reference) e-mail address. The result is a Trojan that, while attacking similarly to any Ransomware-as-a-Service, shows an attitude that's reminiscent of 'freeware' Trojans like Hidden Tear or the Jigsaw Ransomware.

A Shield Betraying Its Wielder

Victims should withhold any ransom payments they're considering, if possible. Many threat actors provide unreliable or fake decryption assistance and demand ransoms through channels that lack suitable refund protections. As a rule, malware experts insist on backups on separate devices as a preferable and always-dependable solution for saving files.

According to the whims and talents of third parties, file-locking Trojans from these illicit businesses are notable for their distribution models' flexibility. Malware researchers do find some versions of the Pants Ransomware using a 'Netshield' disguise, which implies that the Trojan's distribution comes from fake anti-virus and cyber-security products. Users should avoid unknown websites for downloads, if possible, and otherwise, scan their new downloads before opening them. Other precautions, such as using visible extensions, turning off JavaScript, and having strong network passwords, are also highly relevant.

Reliable anti-malware products for Windows systems will protect most PCs and block infection exploits from most channels. They also can disinfect PCs and remove the Pants Ransomware installations, but not unlock or decrypt any files.

The Pants Ransomware is a buffoonish and vulgar Trojan, but just as hostile to files' data as any straight-faced creation from the Crysis Ransomware's Trojan-engineering kit. Assailants aren't always solemn in demeanor, and anyone on Windows should take this Trojan, and their backups, deadly seriously.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Pants Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Home Malware Programs Ransomware Pants Ransomware

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.