See_read_me Ransomware

Posted: October 16, 2020

See_read_me Ransomware Description

The See_read_me Ransomware is a file-locking Trojan and variant of the Adhubllka Ransomware, which conducts similar, encryption-based attacks. Along with blocking files, it creates a text ransom note that promotes its TOR data-unlocking service and inserts new extensions into files' names. Appropriate backups will mitigate all data loss sufficiently, and cyber-security products can prevent infections or uninstall the See_read_me Ransomware.

Small-Time Trojans Back for Second Servings

As a semi-noteworthy event in the threat landscape, another single Trojan starts up a possible family, with the Somali-like Adhubllka Ransomware splitting off into the See_read_me Ransomware. Unlike most such cases, malware experts find no connected Ransomware-as-a-Service. An essential part of the payload, the ransom message, also is very different between the two Trojans. However, the See_read_me Ransomware plan of attack and motivations are the same as the original.

The See_read_me Ransomware's appearance dates to two months after the creation date of the earliest samples of the Adhubllka Ransomware. Like that Trojan, it uses an encryption routine – possibly secure from third-party solutions – for blocking the user's digital media files. This data sabotage is most likely of harming documents like DOCs or PDFs, pictures like JPGs or BMPs, audio like MP3s, or archives like ZIPs. In all cases, the Trojan also adds its extension, which 'helpfully' directs victims to the 'Read_Me' text file.

This ransom note is very different from the earlier one and uses a more widely-known, 'professional' formatting for the instructions. Unlike the Adhubllka Ransomware, it also uses an anonymous TOR site instead of an e-mail, suggesting more infrastructure work from the threat actor. Malware experts have no current information on the ransom's cost or currency, but paying for data recovery tends to backfire on most victims of file-locking Trojans.

What Happens to Those Who Do What Trojans Demand

The simplicity and directness of the See_read_me Ransomware's ransoming arrangement don't mention many of the dangers involved in paying. Malware experts sometimes see attackers returning fake 'unlocked' files that are installers for other threats, such as backdoor Trojans. There also is the more usual problem of criminals not giving any help after getting their money or providing a decryptor that corrupts the files permanently.

Strongly-secured and updated backups on other devices are, by far, the most practical solution to file-locking Trojans of all kinds. Some users may consider providing samples to reputable researchers for investigating a decryption possibility but never should place their only hopes in it. Infection prevention also is crucial for any Windows user and ranges from avoiding illicit downloads like game cracks to disabling document macros and browser scripts.

Without any evidence of how it's circulating, the See_read_me Ransomware's campaign should be presumed active and in the wild by any traditional infection vector. Anti-malware services can shore up defenses by blocking installation exploits or removing the See_read_me Ransomware from compromised systems.

The See_read_me Ransomware takes old software and remakes it with an additional layer of traditionally-dependable extortion demands. The polish might seem like a superficiality, but it's just another aspect of making money for criminals sabotaging data servers and home PCs.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to See_read_me Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Home Malware Programs Ransomware See_read_me Ransomware

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.