
Pashka Ransomware

Posted: January 8, 2020

The Pashka Ransomware is a file-locking Trojan that can block media on your computer and hold it for ransom. Although its name is an apparent reference to Russian culture, the threat's payload targets English speakers. Users should protect themselves by the traditional means of maintaining backups dutifully and using anti-malware software to detect and delete the Pashka Ransomware when necessary.

The Next Dish in a Banquet of Extortion

Although it lacks any known relatives, the newly appearing Pashka Ransomware isn't very different from Trojans like the 'cryptgh0st File Extension' Ransomware, the NAS-targeting DecryptIomega Ransomware, and the Hidden Tear variant of the KratosCrypt Ransomware. All of these Trojans demand the same 0.03 of a Bitcoin, which they collect by taking files hostage and ransoming them. The Pashka Ransomware, by far the youngest of these Trojans, offers a combination of Russian cultural references along with English-language demands and, of course, data encryption.

The Pashka Ransomware is a Windows program that circulates through fake driver updates, pirated software cracks and similar downloads. The threat actor promotes these 'products' through rapidly rotating YouTube videos on hacked accounts, gaining victims at random. This tactic is very similar to some of the attacks in use by the STOP Ransomware or the Djvu Ransomware family.

Once it infects a system, the Pashka Ransomware encrypts files to lock them, with typical formats at risk including documents, images, music and archives. Besides the encryption, the Pashka Ransomware also adds 'pashka' strings to their names as extensions and creates text messages asking for the previously mentioned Bitcoin fee. 'Pashka' is a likely Anglicization of a Russian Easter dessert cake, which, once again, brings Russia into the foreground as a hotbed of file-locker Trojans' programming projects.
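For triage and backup-restore scoping, the renaming behavior described above can be inventoried with a short script. This is an added example, not code from the original article; it assumes the marker is appended as a trailing `.pashka` after the original file name, and the function name `inventory` is hypothetical.

```python
import os
import sys
import tempfile
from collections import Counter
from pathlib import Path

# Assumption: the marker follows the original name, e.g. report.docx.pashka
MARKER = ".pashka"


def inventory(root):
    """Walk root and summarise files that carry the appended marker extension."""
    hits, by_type, by_dir = [], Counter(), Counter()
    first = last = None
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(MARKER):
                continue
            path = Path(dirpath) / name
            original = name[: -len(MARKER)]
            # The original type is whatever suffix preceded the marker.
            by_type[Path(original).suffix.lower() or "(none)"] += 1
            by_dir[dirpath] += 1
            try:
                mtime = path.stat().st_mtime
            except OSError:
                mtime = None  # unreadable or vanished; still counted above
            if mtime is not None:
                first = mtime if first is None else min(first, mtime)
                last = mtime if last is None else max(last, mtime)
            hits.append((str(path), original))
    # "window" is the earliest and latest modification time among renamed
    # files, a rough bound on when the renaming ran.
    return {"files": hits, "by_type": dict(by_type),
            "by_dir": dict(by_dir), "window": (first, last)}


if __name__ == "__main__":
    if len(sys.argv) > 1:
        root = sys.argv[1]
    else:
        # Constructed sample tree so the script runs without arguments.
        root = tempfile.mkdtemp()
        for rel in ("docs/report.docx.pashka", "pics/photo.jpg.pashka", "pics/ok.png"):
            target = Path(root) / rel
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_bytes(b"constructed sample")
    report = inventory(root)
    print(f"{len(report['files'])} renamed files under {root}")
    for ext, count in sorted(report["by_type"].items(), key=lambda kv: -kv[1]):
        print(f"  {ext:<10} {count}")
```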

Rejecting an Overly Expensive Dessert

The Pashka Ransomware's wooden molded-cake theme has little relevance to its distribution. Most Russia-originating Trojans with similar payloads will avoid targeting Russian residents out of a preference for foreigners, such as Europeans or North Americans. However, the Pashka Ransomware's software piracy-related tactic could endanger anyone who indulges in illicit downloading hobbies.

There is currently no active wallet at the Bitcoin address that the Pashka Ransomware provides. Despite this oddity, malware analysts are verifying that the Trojan is attacking victims as of the first month of 2020. Users should avoid downloading updates or other files from risky sources without checking their safety beforehand. This precaution also pertains to documents and other content that, while not inherently threatening, can possess embedded drive-by-download exploits.

Standard anti-malware solutions can detect most file-locking Trojans from all significant families. Update your product of choice to improve its chances of removing the Pashka Ransomware safely before your files can experience encryption or deletion.

Culture and programming go hand in hand. As another file-locking Trojan entering the fray, the Pashka Ransomware's 'tasty' theme doesn't make it any more palatable to any diner without the sense to back their drives up.
