WannabeHappy Ransomware

WannabeHappy Ransomware Description

The WannabeHappy Ransomware is a file-locker Trojan that can prevent you from opening different formats of media, such as content associated with Microsoft Office programs. Both backups and free decryption programs can give victims ways of recovering without using this Trojan's endorsed method of paying a Bitcoin ransom. Whether or not you need to unlock your media, removing the WannabeHappy Ransomware with specialized anti-malware products will minimize any further security risks or loss of data from the infection.

Threat Actors Who aren't Happy Until They Have What's Yours

Trojans are just starting the deployment of a Trojan with archetypal file-locking features, although the threat in question, the WannabeHappy Ransomware, also appears to be attacking some removable drive types, in addition to local ones. While previous ones could configure such an inclusion with ease, the majority of file-locker Trojans omit it. The new Trojan's payload may be purely out of the whims of its administrators, but it also may mean that the WannabeHappy Ransomware is trying to target systems more likely of using such storage options.

Malware experts have caught no direct samples of the WannabeHappy Ransomware in circulation through the usual exploits, such as fake e-mail attachments, and the Trojan shows no characteristics that would allow it to distribute itself automatically (such as a worm or virus). However, its file-locking feature, with a basis of harmful data encryption, is working as intended. The Trojan may or may not be making changes to the names of any files it enciphers and locks, such as adding another extension to them.

The WannabeHappy Ransomware finalizes its attacks by launching an HTA pop-up that uses a template popular with a variety of Trojan families currently. The window shows a live countdown, general encryption warnings, a list of what files the WannabeHappy Ransomware is blocking, and embedded ransom-collecting and decrypting features. The WannabeHappy Ransomware's authors are demanding five hundred dollars in Bitcoins before providing the key for decoding the victim's files, which the WannabeHappy Ransomware uploads to their server beforehand.

Real Happiness without Wanna-Be's Suggestions

Although the WannabeHappy Ransomware searches over more drives than usual for content to encode and gives an unusual 'thank you' for using it, almost all of its other characteristics are generic, and one can see similar attacks and features from Hidden Tear, EDA2, or the Globe Ransomware, for example. Malware experts are recommending that users be particularly alert to infection vectors including e-mail attachments, website scripts, and vulnerable network logins. Appropriate security practices and software can provide various forms of protection from all of the above.

Paying the Bitcoin ransom that this Trojan requires should be avoided, especially since the WannabeHappy Ransomware is compatible with current decryption solutions on offer by the AV community. Victims can contact reputable anti-malware researchers with experience with file-locking threats for assistance with decoding their files. Alternately, any users with backups can restore their work through them after uninstalling the WannabeHappy Ransomware with a quality anti-malware product.

Threat actors are more than happy to lie about how easy it may or may not be to recover from their attacks when money is on the line. While reading messages from the WannabeHappy Ransomware and Trojans like it, any victims should be careful and remember the context in which these pop-ups are taking place.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to WannabeHappy Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Posted: October 27, 2017
Threat Metric
Threat Level: 10/10
Infected PCs 9
Home Malware Programs Ransomware WannabeHappy Ransomware

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.