“Barack Obama’s Everlasting Blue Blackmail Virus Ransomware, as tweeted by MalwareHunterTeam, is perhaps one of the more peculiar strains of ransomware which have emerged over the course of this year.”
Worried about ransomware? Protect your important files with SkyFlok.
SkyFlok is backed up by design to remove your risk of losing important files and gives you access to your previous versions easily. If a ransomware attack encrypts your computer’s data, you can still recover all versions of your files prior to that attack as they are securely stored multiple Cloud locations. In fact, you can access them any time from SkyFlok.
When ransomware first began to infest our home systems, cybercriminals would often use the threat of the FBI and law enforcement to frighten victims enough to pay up.
It’s unusual, though, to see the face of a former head of a country as a brand of malware.
Barack Obama’s Everlasting Blue Blackmail Virus Ransomware, as tweeted by MalwareHunterTeam, is perhaps one of the more peculiar strains of ransomware which have emerged over the course of this year.
The Windows-based malware is distributed through spam and phishing campaigns and will first scan an infected system for processes associated with antivirus solutions.
As reported by Bleeping Computer, the Obama ransomware will then scan for files ending in .EXE, before encrypting them. Registry keys associated with the executable files are also tampered with so that every time an .EXE file is launched, the virus will, too.
Ransomware usually will encrypt content such as documents and media to force victims to pay a blackmail ‘fee’ to retrieve their files.
It is not often that this particular form of malicious code will tamper with system files or processes which may cause potentially irrevocable damage to an infected PC, as should the machine crash and be fully inaccessible, there is heartbreak for the victim but no incentive to pay.
However, in the Obama ransomware’s case, the malware will seek to encrypt .EXE files in Windows folders, which may cause such damage. This could be the result of inept developers or an oversight on their part.
Once the malware has performed its scans and encrypted files, the following message is displayed alongside an image of former US president Obama:
Fossbytes reports that the ransomware also erases all the Shadow Volume Copies from infected Windows machines, which will make file recovery more difficult to accomplish.
The ransomware is detected by 45 out of 68 antivirus solutions, according to VirusTotal.
As painful as it can be, you should not give in and pay up if your system is infected with ransomware. Cybersecurity firms are releasing free decryption keys on a constant basis, and should you submit to blackmail, this would only fuel the ransomware industry further.