New PadCrypt Ransomware Comes with Live Chat Support and Uninstaller


Switzerland-based Abuse.ch has discovered a ransomware strain that tells victims they will get live chat support as a form of customer service. The security company dubbed the ransomware PadCrypt, which it states is currently disabled.

Bleeping Computer reports that this is the first time any ransomware has offered live chat to infected users, who may seek help online with making their ransom payments and then decrypting their encrypted data files. PadCrypt is also unique in that, for the first time ever, it offers users a software uninstaller, which is downloaded together with the sinister file-locking key when the infection sets in. Scmagazine.com posted this on February 16, 2016.

Coming in PDF form, the uninstaller, when downloaded, gets PadCrypt to start its task: encrypting the infected user's files, erasing each and every shadow volume folder, and preventing hard-disk recovery programs from retrieving the original unencrypted data. The purpose is that victims will have to pay the money demanded to get their data files unlocked, or otherwise recover them from a previously made backup that is stored offline, where no ransomware can reach it.

Moreover, PadCrypt drops HTML and text files carrying the ransom notification in each directory it encrypts, and also displays a popup window with the same notification, which asks for a payment of 0.8 Bitcoin. Meanwhile, according to Bleeping Computer's Lawrence Abrams, a utility such as live chat can seemingly raise the ransom sum, since victims confused by the payment procedure would get guidance through the live chat.

Lawrence continues that a ransomware was lately observed that let users disable or enable 'autorun' to help the malware; however, ransomware that also provides uninstall software is unprecedented. Soon after the uninstaller is executed, all ransom notes would be removed along with every file pertaining to the PadCrypt contamination. Worryingly though, the encrypted files would remain, Lawrence points out.

Additionally, it's reported that there aren't any apparent flaws in PadCrypt's encryption; nevertheless, security investigators at Bleeping Computer and Abuse.ch are examining it further to determine whether any hidden vulnerabilities exist in the ransomware.

» SPAMfighter News - 24-02-2016
