WhyCry Ransomware

WhyCry Ransomware Description

The WhyCry Ransomware is a Trojan that uses encryption to keep you from opening media such as documents, spreadsheets, or pictures until you pay its fee. While buggy currently, the WhyCry Ransomware does represent a potential hazard to any files without backups, and malware experts recommend blocking this threat with appropriate security protocols. If you overlook its installation, some anti-malware programs can uninstall the WhyCry Ransomware, and free decryptors can help you unlock the files.

A New Answer to Why You might be Crying at Your Keyboard

FTSCoder isn't the most important family of file-encoding threats, even for the month, alone. However, it is still being used by threat actors with no talent or enthusiasm for programming more secure Trojans, a trend appearing in the campaigns of the Haters Ransomware, the BlackSheep Ransomware, and June's the WhyCry Ransomware. Malware researchers identified a sample that seems to be a work in progress, with incomplete user interfaces and various bugs, although the WhyCry Ransomware remains capable of causing data loss.

The WhyCry Ransomware, similarly to most variants of the FTSCoder, targets a relatively short list of formats for holding hostage, such as AVI, DOC, TXT and GIF. It encrypts these files, stopping any programs from opening them, and adds its custom extension of '.whycry' to their names. This encryption routine is asymptomatic and occurs in the background without alerting the user.

The WhyCry Ransomware's additional features include glitches that may generate Windows errors or cause its final pop-up to fail to load as intended. Its threat actors are using a fallback ransom note to lock the screens of any victims of the current build apparently, which include a request for Bitcoins, a decryption field (once you obtain the key), and a variety of inaccurate warnings about the dangers of free decryptors.

Why Cry Over Spoiled Files

Its threat actors may inspire little confidence over their programming skills, but even the current version of the WhyCry Ransomware uses a third-party basis of code that can damage your files permanently. Free decryptors do exist for the WhyCry Ransomware's family, although victims should backup copies of any locked media before attempting any potentially irreversible solutions. In other circumstances, backups may be the be only other resolution method that gives you your content back without risking paying the WhyCry Ransomware's admins.

For those who need to regain control over the Windows interface, reboot into Safe Mode or boot directly from a recovery device (such as any USB port). Although its main installation exploits are under investigation, malware experts expect this threat's campaign to utilize the infection vectors common to threats distributed at random, such as bundling itself with other, free downloads. Just below half of most major brands of AV software may identify this Trojan under various metrics, and you always should use appropriate anti-malware tools for uninstalling the WhyCry Ransomware or detecting it.

Small-time threat actors misdeeds aren't smaller in consequences to the people necessarily, and the computers they harm. Paying con artists like the WhyCry Ransomware's authors for your files is a poor second choice to make up for not minding your security in the past.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to WhyCry Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Posted: June 14, 2017
Threat Metric
Threat Level: 10/10
Infected PCs 99
Home Malware Programs Ransomware WhyCry Ransomware

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.