PewCrypt Ransomware

Posted: February 27, 2019

PewCrypt Ransomware Description

The PewCrypt Ransomware is a file-locking Trojan that encrypts your media with the AES and RSA algorithms while blocking the screen with its ransom message. Its ransoming instructions, instead of asking for money, require subscribing to the Youtuber PewDiePie and threaten the deletion of the unlocking code if a rival beats his subscription number. The users can restore their files with the freely-available decryptor or a backup, and have proper anti-malware products ready for uninstalling the PewCrypt Ransomware safely.

The Alchemy of Subscription Rivalry Turning into Data Attacks

Malware researchers and others are examining a new kind of file-locking Trojan in the industry, with an emphasis on preventing possible attacks that could be bent on manipulating online follower statistics. The PewCrypt Ransomware is an independent threat whose author claims that it owes its development to learning Java. While there is some proof of his good intentions, the users infected by the PewCrypt Ransomware will be dealing with the same file blockades that they would struggle against under a 'for-profit' equivalent, like the Dharma Ransomware's family.

The PewCrypt Ransomware is a Java-based Windows program that uses the ever-typical combination of the AES and RSA algorithms for locking the victim's JPG pictures, Word documents and other media. The PewCrypt Ransomware adds a 'PewCrypt' extension at the end of their names, as well, without taking away the default one. While malware researchers aren't able to confirm a full list of the affected formats, the PewCrypt Ransomware does refrain from locking files over twenty megabytes, along with any ones bearing the EXE, JAR or DLL extensions.

The PewCrypt Ransomware, like many of the file-locking Trojans of today, includes a pop-up that may block your Windows desktop. This ransoming message, however, doesn't ransom your files for Bitcoins or vouchers. The PewCrypt Ransomware demands the user's subscription to PewDiePie's Youtube channel while claiming that a sufficiently high subscription mark will trigger the release of the unlocking application, instead of asking for money. This odd choice of a ransom is being backed up by the threat of a dynamic deadline: PewDiePie's subscription count being surpassed by that of rival T-Series, in theory, triggers the deletion of the decryption key.

The Influence of Online Media on Your Local Files

Those not keeping well-informed about the state of the video game-streaming industry may be surprised upon learning that the PewCrypt Ransomware's ransom note hinges around nothing more than an eight-minute interval wherein PewDiePie briefly was no longer the most-subscribed channel on Youtube. Fortunately, the PewCrypt Ransomware's author has chosen not to release the Trojan in earnest and is providing a free decryption utility at Google Drive. Users can recover their files with this program, although most file-locker Trojans don't possess solutions equivalently easy, to which, malware experts emphasize the necessity of backups.

The samples malware experts have available imply an increasingly poor evasion rate against most AV databases, although the PewCrypt Ransomware isn't in live distribution. Users encountering this threat by such means as torrents, malvertising, or spam e-mails should be capable of blocking its installation with the appropriate security products. Since file-locking Trojans can be delivered by means that are also capable of dropping other threats, the users should remove the PewCrypt Ransomware with anti-malware tools that can detect related issues even if the limited file damage is reversible.

The PewCrypt Ransomware may be a learning tool for its author, but what's educational for researchers can be unsafe when taken out of context. Fortunately, the PewCrypt Ransomware isn't likely of becoming the next Hidden Tear – the PewDiePie equivalent of the file-locker Trojan industry.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to PewCrypt Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Home Malware Programs Ransomware PewCrypt Ransomware

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.