Widia Ransomware
Posted: June 1, 2017
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Threat Level: | 10/10 |
---|---|
Infected PCs: | 86 |
First Seen: | June 1, 2017 |
---|---|
OS(es) Affected: | Windows |
The Widia Ransomware is a Trojan that blocks your screen until you input your credit card details while also claiming to be encrypting your documents and other files. Since malware experts don't see any data-encoding attacks from the Widia Ransomware's current release, victims should be cautious about giving its author their credit card information, or any other ransom particularly. Close its window through the solutions in this article and use anti-malware products to remove the Widia Ransomware, and disinfect the rest of your computer.
A Trojan's Grinning Skulls Replacing Your Desktop
What one sees a Trojan appear to do, can be less or more than the Trojan's real payload. This sometimes counter-intuitive truth is more evident than ever with threats like the Widia Ransomware that capitalize on the notoriety spread in corrupted, file-encrypting campaigns. While its authors have yet to place any encryption features in the Widia Ransomware, judging it from its symptoms provides a different and possibly unwelcomed conclusion for a victim.
The Widia Ransomware has no apparent relatives and uses distribution methods that malware experts have yet to verify, but does seem to be falsifying its executable as being an installer for another software. When launching, the Trojan loads a local Web page in a pop-up without a border or other user interface elements, keeping you from resizing, minimizing or closing it.
The pop-up claims that your documents and similar formats of data are illegible temporarily as a result of the Widia Ransomware's encryption-based attack. Malware experts also can confirm the same warning text in use in third-party Trojan campaigns, including ones with similar, screen-locking threats and real file-encrypting Trojans. Besides its skull logo and timer, the most significant component of the Widia Ransomware's message is its semi-remarkable ransom demands: a request for all the credentials of one of your credit cards.
The Empty Penalties of Missing Trojan Time Limits
The Widia Ransomware's countdown operates along a similar social engineering strategy as that of the well-publicized Jigsaw Ransomware, which can delete the files it locks periodically. Unlike that Trojan, the Widia Ransomware's only feature of note is its screen-locking pop-up, which malware experts also confirm for having a very limited capacity for harming your computer. You should be able to close this window by using default keyboard shortcuts (such as Alt+F4), after which you can access the desktop and other programs as usual.
While its author, self-identified as 'Sorin,' appears to be Romanian, the Widia Ransomware targets English speaking victims and references credit card brands with strong associations to North America. Malware experts recommend contacting the relevant company for further help as soon as possible after dealing with a threat actor gaining access to your credit or debit card information. Even though the Widia Ransomware currently can't damage files by encoding them, fraudulent purchases and similar security and financial issues should be assumed as likely for anyone who submits to its extortion.
The Widia Ransomware takes no additional action after its time limit reaches zero, and malware experts find no protection included in this threat for stopping the Widia Ransomware's removal by dedicated anti-malware products. As usual, a PC user's worst enemy is him or herself, and those who believe everything they read will endanger themselves, as much as anyone else.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.