RedAnts Ransomware Description
The RedAnts Ransomware is a revision of Hidden Tear, a group of Trojans that con artists often use for extorting money after they lock your local files. Like other versions of this threat, the RedAnts Ransomware presents a risk of potentially long-term damage to the PC's data. Although your anti-malware products are likely to detect and delete the RedAnts Ransomware as a matter of routine, good backup strategies can eliminate any potential for irreversible harm.
Ants Swarming Your File Directories Instead of Your Kitchen
Hidden Tear variants are continuing to catch up in numbers with competing families of threatening software in the early spring, although it's unlikely that the same threat actors are behind most of these separate campaigns. The RedAnts Ransomware is one of the latest Hidden Tear releases subject to the confirmation of malware experts. The associated file data of its executable imply that the content is a document or other text-based message. These threats are most likely circulating with the help of spam e-mails.
The RedAnts Ransomware still uses an AES-based cipher to lock your files through an encryption routine that reorders their internal data. Most con artists set threats of this type to lock documents, photos, spreadsheets, and other content that's potentially valuable but also small in size, letting the process take as little time as possible for maximum impact. The RedAnts Ransomware adds the 'horas-bah' extension onto the names of the locked data, which is a string malware experts have yet to see in connection with other attacks. Victims should be sure to distinguish between the filename changes and the encryption; reversing one has no impact on the other.
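A triage sketch for the distinction drawn above, added here as an example and not taken from the original page or from any vendor tool: it inventories files carrying the 'horas-bah' extension and checks whether their leading bytes still match the original file type. It assumes the extension is appended after the original name as `.horas-bah`; the signature table, function names and sample files are illustrative.

```python
import tempfile
from pathlib import Path

# Extension named on the page; assumed to be appended after the original name.
LOCKED_SUFFIX = ".horas-bah"

# Leading bytes (file signatures) of a few common formats.
MAGIC = {
    ".pdf": b"%PDF",
    ".png": b"\x89PNG\r\n\x1a\n",
    ".jpg": b"\xff\xd8\xff",
    ".docx": b"PK\x03\x04",
    ".xlsx": b"PK\x03\x04",
}

def triage(root):
    """List files with the locked suffix and say whether the content still
    begins with the signature of the file type the original name implies."""
    report = []
    for path in sorted(Path(root).rglob("*" + LOCKED_SUFFIX)):
        if not path.is_file():
            continue
        original = path.name[: -len(LOCKED_SUFFIX)]
        expected = MAGIC.get(Path(original).suffix.lower())
        with path.open("rb") as fh:
            head = fh.read(8)
        if expected is None:
            state = "unknown-type"      # no signature to compare against
        elif head.startswith(expected):
            state = "renamed-only"      # bytes intact, only the name changed
        else:
            state = "content-altered"   # renaming back will not make it open
        report.append((original, state))
    return report

def demo():
    """Constructed sample tree: one file with altered bytes, one only renamed."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "docs").mkdir()
        (root / "docs" / "invoice.pdf.horas-bah").write_bytes(bytes(range(200, 232)))
        (root / "photo.png.horas-bah").write_bytes(b"\x89PNG\r\n\x1a\n" + b"\0" * 16)
        (root / "notes.txt").write_text("untouched")
        return triage(root)

if __name__ == "__main__":
    for name, state in demo():
        print(f"{state:16} {name}")
```

The resulting inventory doubles as the list of files to restore from backup.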
The threat actor profits from these attacks by also creating a text file with a ransom demand. The 0.5 Bitcoin price of the decryptor equates to six hundred USD, which puts the RedAnts Ransomware in the same range as other file-encrypting Trojans that attack business entities with the funds for paying such ransoms.
A Little Pesticide for an Ant Problem
Most file-encrypting threats pose their most serious risk to data that the user doesn't copy to other servers or drives for easy retrieval. Since a majority of file-encryptor Trojans are incapable of attacking cloud services, cloud storage offers one solution to the RedAnts Ransomware's payload. Peripheral storage, such as USB devices, is also highly endorsed by malware experts for data preservation against attacks of this nature. Ransom transactions lack any automatic mechanism linking them to decryption features, and paying is never a recommended or risk-free recovery method.
Threat actors may hide an installer for the RedAnts Ransomware by using inappropriate icons or extensions, and often design spam messages that support the concealment of their corrupted attachments. Professional anti-malware products can identify these threats regardless and should block any encryption attacks by removing the RedAnts Ransomware by default. However, threat databases without their most recent patches may be less potent at identifying newer Trojans.
Like the ants themselves, the RedAnts Ransomware is part of a recurring threat that never truly stops attacking or breeding. However, the RedAnts Ransomware's aims are more self-serving than a biological imperative, and PC users can do their part to mitigate the problem by refusing to pay money for a misdeed.
File System Modifications
The following files were created in the system:
File name: file.exe
Size: 11.77 KB (11776 bytes)
Detection count: 29
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: March 13, 2017