PewPew Ransomware Description
The PewPew Ransomware is a file-locking Trojan that blocks media on Windows computers and holds it hostage. Like most of its kind, the PewPew Ransomware includes multiple ransom notes for premium data recovery and changes any locked files' names. Users should always have backups on other devices for optimal recoveries and let trusted anti-malware products contain or delete the PewPew Ransomware when they identify it.
The Onomatopoeia that Incinerates Your Windows Work
With its genealogy doubtful, the Trojan calling itself PewPew Ransomware is open to speculation on how its threat actor created it or is planning on distributing it out in the wild. Sadly, malware researchers find its features clear, having all the hallmarks of a file-locking Trojan. This threat is more than a little similar to multiple Trojan families visually, including the Globe Ransomware, the Globe Imposter Ransomware and the Dharma Ransomware. Whether this fact is more than surface-level, only the campaign's admin knows.
Samples of the PewPew Ransomware available to malware researchers suggest the usual preference for a Windows environment, although multiple versions, including Windows 7 and 10, are at risk. The Trojan's installer is slightly larger than the average one and uses packing for concealment from any security products. Intriguingly, both some of its EXE details and payload symptoms contain the string 'abkir,' a possibly-Arabic term.
The PewPew Ransomware's essential feature is the non-consensual encryption routine: an attack that makes files non-openable by encrypting them. On a more superficial level, it also changes their names by adding extras, such as the 'abkir' word, its e-mail, and a probably-unique ID string. Victims may find its ransoming instructions for buying a possible decryptor in both HTA and text files, the former of which look highly similar to the previously-mentioned Trojan families' entries.
Although malware researchers rate it unlikely that the PewPew Ransomware is a modern variant of Dharma Ransomware's Ransomware-as-a-Service, they have yet to determine whether or not the Trojan's encryption is breakable by victims without the criminal's decryption data.
Avoiding a Zap from Trojan Lasers
The PewPew Ransomware encryption strength is wholly unknown, but most Trojans with file-locking features can hold the victim's files in perpetuity. Accordingly, a backup is especially crucial for a full recovery. Saving backups non-locally will offer additional protection against Trojans that include the Restore Point-targeting attacks or similar features.
Reliable anti-malware programs are proving themselves up to the task of identifying file-locking Trojans, whatever their families are, and should remove the PewPew Ransomware appropriately.
The PewPew Ransomware is zapping files' data for a payout that no one can put a price on, yet. Every user that pays only extends the life of this potentially-deadly weapon, which, in the wrong hands, can take whole computers or servers' worth of media hostage.
Use SpyHunter to Detect and Remove PC Threats
If you are concerned that malware or PC threats similar to PewPew Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.
Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.