RagnarokCry Ransomware

Posted: January 20, 2020

RagnarokCry Ransomware Description

The RagnarokCry Ransomware is a file-locking Trojan that can block your PC's documents and similar digital media. Its encryption could be irreversible without the threat actor's help, which is dependent on a ransom payment. Users can curate their backups responsibly for saving any files, as well as rely on updated anti-malware services for catching and removing the RagnarokCry Ransomware.

Norse Myth is Another Rallying Cry for Stoppering Your PC's Data

A file-locking Trojan that's just becoming identifiable as a distinct threat is taking inspiration from both Norse mythology and more-recent Trojan campaigns. Besides borrowing the name of the legendarily-destructive WannaCryptor Ransomware family, the RagnarokCry Ransomware combines it with the Norse mythological term for the end of the world, AKA armageddon. For PC owners without appropriate backups, that title could be an appropriate one for their files.

The RagnarokCry Ransomware shares the 32-bit, Windows-based characteristics of an extreme majority of similar, file-locking Trojan programs, including unrelated threats like the '.btix File Extension' Ransomware, the Picocode Ransomware, the Start Ransomware, and the TotalWipeOut Ransomware. While it has no familial ties or label, its payload isn't dissimilar to a Ransomware-as-a-Service. It runs off of encrypting digital media (such as Word DOCs or JPG pictures) and appending its 'ragnorak_cry' extension onto their names. The attack locks the file from opening and requires a decryptor, with the relevant algorithm and key data, for reversing.

Malware analysts can't yet determine whether or not there's a chance of free unlocking or decryption services becoming available. They do, however, see the Trojan's payloads dropping uniquely-worded ransom TXT notes in poor English. The threat actor is selling his unlocking service for an unknown fee and is using a free e-mail for negotiating without any alternative or backup communication channels. This practice is more common among independent criminals who put little effort into their ransoming infrastructure or 'business.'

It Doesn't Have to be the End of the World for Your Files

The RagnarokCry Ransomware isn't the first time that a Trojan has taken over Norse mythology for a crime. This choice is part of a long-term trend of theming in Black Hat software that goes from the Vidar Stealer and LokiBot spyware down to smaller threats like the Heimdall Ransomware and the Sigrun Ransomware. Generally, the theme indicates no special relationship with Europe. Most file-locking Trojans will target victims throughout the world as the opportunity presents itself.

Users who maintain unsafe passwords, download illicit torrents, enable JavaScript in Web browsers, or open macro-using e-mail attachments are especially at risk from file-locking Trojan campaigns. While malware researchers find no special defensive features in the RagnarokCry Ransomware, the Trojan's being new and unrelated to past families may also hamper threat-detection efforts by some security products. Updating databases for all relevant security software can lower the danger of the Trojan's going undetected.

Despite the above issue, anti-malware solutions still are essential means of deleting the RagnarokCry Ransomware safely. Manual uninstallation requires changes to the Registry and, in inexperienced hands, may damage the Windows OS.

Early reports put a possible connection between the RagnarokCry Ransomware and the 2019's MegaCortex Ransomware. Whether that's true or the RagnarokCry Ransomware is truly an independent apocalypse, it only is the 'end of the world' for victims who don't take the proper precautions for preparing for it.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to RagnarokCry Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Home Malware Programs Ransomware RagnarokCry Ransomware

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.