Trump Ransomware is just a disguise of VenusLocker

A new ransomware is on the prowl which not only locks the victim's computer/database but also displays a meme photo of US President Donald Trump after the ransom note. The new ransomware emerged in the past couple of weeks and has succeeded in infecting around 3 manufacturing companies so far.

Security experts have analyzed the new malware and concluded that it is VenusLocker in disguise.

NOTE: VenusLocker is a ransomware family which was discovered on August 4th of last year. It is now running on an update of December 23rd, 2016 and mainly targets Windows PCs. It encrypts files using AES-256, collects system information from the infected machine and sends it to a remotely located C2 server.

As of now, experts aren't sure whether the Trump Locker ransomware was developed by the hackers who developed VenusLocker. But they are of the opinion that the new malware is being circulated through phishing.

If you suspect that a ransomware-infected PC might be a victim of Trump Locker, you can check whether a RansomNote.exe file appears after each bootup. Some PCs readily display the image of Trump, and that is evidence enough that the PC has been hit with the said ransomware.

To decrypt the PC, the hackers demand bitcoins in exchange for the private key that unlocks the files, to be paid within a period of 72 hours.
All the individuals who have been victims of this attack said that they were being targeted by law enforcement officials for no reason. They said that the hackers demanded $1600 worth of bitcoins to unlock their files.

But as soon as these individuals learned about the Trump Locker ransomware from Reddit, they realized that it was a conspiracy from the dark world and not from the authorities of the 45th US President Donald Trump.

Obviously, why would the president hack the PCs of individuals who are not even celebrities or political stalwarts?

Coming to the list of companies hit by the said malware, all 3 are identified to be from the manufacturing sector and are about to sack thousands of workers by shifting production to other shores due to the new policies formulated by Trump.

More details are awaited!

Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security
