![]() ![]() We advise against paying criminals and thus supporting illegal activity. It is also common for victims not to receive the promised decryption keys/software - despite meeting the ransom demands. Usually, decryption is impossible without the cyber criminals' interference. This malware could have been released for testing purposes or simply for the attackers' amusement. These irregularities may mean that Goose ransomware does not seek to obtain ransoms, much less provide victims with functional decryption tools following payment. Not to mention that using such a service is an easy way to get caught by the authorities.Īdditionally, even ransomware leveraged against home users tends to ask for larger sums - somewhere in the range of three to four digits (in USD). Email providers of this kind are rarely used by cyber criminals, since if their accounts are taken down - victims become unable to contact them or make payments. The provided email address is registered with Gmail - an email service provider known to take down accounts used for illegal activity relatively fast. Firstly, during testing - Goose encrypted only a small amount of files, most of which were stored on the desktop. The note instructs emailing the attackers to get payment instructions.Īs mentioned in the introduction, there are several odd elements to this ransomware. Victims are also told that they must pay a 50 USD ransom (in Bitcoin cryptocurrency) to decrypt their data. The ransom-demanding message informs victims that their files have been encrypted. Screenshot of files encrypted by Goose ransomware: It is noteworthy that Goose has many deviations from regular ransomware, which puts its goals into question. Once the encryption was complete, a ransom note was displayed in a pop-up window. However, unlike most malicious programs of this type, it did not modify the names of affected files. We sampled it from VirusTotal and analyzed it.Īfter being released on our test machine, the Goose ransomware began encrypting files. Discovered by the MalwareHunterTeam, Goose is a piece of malicious software categorized as ransomware. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |