Angela Merkel Ransomware

The current world political scene is clearly in turmoil. It is, therefore, no surprise that ransomware and other threats themed around different political figures are being released. Like the Donald Trump Ransomware and other, similar attacks, the Angela Merkel Ransomware is themed around the German prime minister. Apart from this theme, though, there is nothing to distinguish the Angela Merkel Ransomware from the countless other ransomware Trojans that are active in the wild currently. Like most ransomware Trojans, the Angela Merkel Ransomware is being distributed through the use of corrupted spam email attachments. These corrupted spam email attachments will often take advantage of corrupted scripts and vulnerabilities in macros to download and install the Angela Merkel Ransomware onto the victim's computer. The Angela Merkel Ransomware will identify the files that have been compromised during the attack with the extension '.angelamerkel,' which is added to the end of each affected file.

How the Angela Merkel Ransomware Attack Works

The executable file for the Angela Merkel Ransomware may be disguised as the updater application for Google Chrome, although if one looks carefully, its name is misspelled. This corrupted file process that carries out the Angela Merkel Ransomware attack on the victim's computer is named 'ChromeUpadter.exe.' The Angela Merkel Ransomware infection is not difficult to understand. Once the Angela Merkel Ransomware is installed on the vicitm's computer, it uses an AES-256 encryption algorithm to encrypt the victim's files, thus making them inaccessible. The Angela Merkel Ransomware can encrypt a wide variety of file types, including files with the following extensions:

.3GP, .7Z, .APK, .AVI, .BMP, .CDR, .CER, .CHM, CONF, .CSS, .CSV, .DAT, .DB, .DBF, .DJVU, .DBX, .DOCM, ,DOC, .EPUB, .DOCX .FB2, .FLV, .GIF, .GZ, .ISO .IBOOKS,.JPEG, .JPG, .KEY, .MDB .MD2, .MDF, .MHT, .MOBI .MHTM, .MKV, .MOV, .MP3, .MP4, .MPG .MPEG, .PICT, .PDF, .PPS, .PKG, .PNG, .PPT .PPTX, .PPSX, .PSD, .RAR, .RTF, .SCR, .SWF, .SAV, .TIFF, .TIF, .TBL, .TORRENT, .TXT, .VSD,.WMV, .XLS, .XLSX, .XPS, .XML, .CKP, ZIP, .JAVA, .PY, .ASM, .C, .CPP, .CS, .JS, .PHP, .DACPAC, .RBW, .RB, .MRG, .DCX, .DB3, .SQL, .SQLITE3, .SQLITE, .SQLITEDB, .PSD, .PSP, .PDB, .DXF, .DWG, .DRW, .CASB, .CCP, .CAL, .CMX, .CR2.

The files encrypted by the Angela Merkel Ransomware will have their extension changed. The Angela Merkel Ransomware will encrypt all files on the affected computer, as well as on drives connected to the victim's computer and shared drives. After carrying out its attack, the Angela Merkel Ransomware will deliver its ransom note through an HTA application. This method has become the preferred ransom note delivery method for many ransomware Trojans released in 2016. The Angela Merkel Ransomware's ransom note is dropped on the victim's Desktop in a file named 'READ ME.hta' that displays a window named 'Angela Merkel hat dich infected,' which in German means 'Angela Merkel has infected you.' The text in the Angela Merkel Ransomware ransom note reads as follows:

'ALL YOUR FILES ARE ENCRYPTED
PAY 1200€ IN BTC TO MY WALLER
TO GET YOUR DECRYPTION KEY
DONT KNWO WHERE TO BUY BITCOIN THEN GO TO
LOCALBITCOINS.COM'

Dealing with an Angela Merkel Ransomware Infection

The ransom demanded by the Angela Merkel Ransomware, which equals around 1.8 BitCoins, is extremely high compared to most other ransomware Trojans. Malware researchers strongly advise computer users against paying the Angela Merkel Ransomware ransom. There is a low probability that the people responsible for the Angela Merkel Ransomware attack will deliver the decryption key after the payment has been made. They are just as likely to ignore the victim or simply ask for more money. Computer users should recover their files by restoring them from a backup copy. This is why ensuring that there are adequate backups of all files is the best measure to deal with encryption ransomware Trojans like the Angela Merkel Ransomware. Fortunately, the increased availability of inexpensive cloud storage and external memory devices means that computer users now have no reason not to back up their data regularly.