AngleWare Ransomware

By GoldSparrow in Ransomware

Threat Scorecard

Threat Level: 100 % (High)
Infected Computers: 3
First Seen: March 27, 2017
Last Seen: April 18, 2018
OS(es) Affected: Windows

The AngleWare Ransomware is an encryption ransomware Trojan based on HiddenTear, an encryption ransomware engine that was released in 2016 to the public for 'educational purposes.' Since its release, HiddenTear has been responsible for countless ransomware variants, including the AngleWare Ransomware. Computer users are advised to take precautions to limit the damage caused by ransomware Trojans like the AngleWare Ransomware, which are becoming very common. In most cases, having backup copies of all files is the best way to ensure that these threats do not cause lasting damage. The AngleWare Ransomware may be delivered through corrupted spam email messages, and malware analysts advise computer users to learn to handle email messages securely.

How the AngleWare Ransomware may be Delivered

A document containing corrupted macro scripts may appear in the victim's email inbox. This document may be linked to some kind of social engineering tactic to trick the computer user into opening an attached file. For example, the document may claim to be an invoice or a notification from a social media platform. Once the victim opens the corrupted document, the AngleWare Ransomware will be installed on the victim's computer and will begin its attack immediately. The AngleWare Ransomware uses AES-256 encryption to encrypt the victim's files, making them completely inaccessible. During its attack, the AngleWare Ransomware will target a wide variety of file types, including the following:

.3GP, .7Z, .APK, .AVI, .BMP, .CDR, .CER, .CHM, .CONF, .CSS, .CSV, .DAT, .DB, .DBF, .DJVU, .DBX, .DOCM, .DOC, .EPUB, .DOCX, .FB2, .FLV, .GIF, .GZ, .ISO, .IBOOKS, .JPEG, .JPG, .KEY, .MDB, .MD2, .MDF, .MHT, .MOBI, .MHTM, .MKV, .MOV, .MP3, .MP4, .MPG, .MPEG, .PICT, .PDF, .PPS, .PKG, .PNG, .PPT, .PPTX, .PPSX, .PSD, .RAR, .RTF, .SCR, .SWF, .SAV, .TIFF, .TIF, .TBL, .TORRENT, .TXT, .VSD, .WMV, .XLS, .XLSX, .XPS, .XML, .CKP, .ZIP, .JAVA, .PY, .ASM, .C, .CPP, .CS, .JS, .PHP, .DACPAC, .RBW, .RB, .MRG, .DCX, .DB3, .SQL, .SQLITE3, .SQLITE, .SQLITEDB, .PSD, .PSP, .PDB, .DXF, .DWG, .DRW, .CASB, .CCP, .CAL, .CMX, .CR2.

The AngleWare Ransomware and Its Ransom Fee

The AngleWare Ransomware seems to be a variant of the MafiaWare Ransomware and uses an identical attack. Once the AngleWare Ransomware encrypts the files, it also encrypts the decryption key using RSA encryption, making the key completely inaccessible. Unfortunately, the files encrypted by the AngleWare Ransomware cannot be recovered without the decryption key, which the con artists keep in their possession and offer only in exchange for a ransom. The AngleWare Ransomware delivers the following ransom note in a text file on the victim's Desktop:

'Your files has been encrypted by AngleWare
Pay 3BTC to my bitcoin address 1NEcE8ffNZqAucBtp42a5YXMMUSLY7YfEP
And send the proof to my email angledarknet@gmail.com'
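
The ransom note quoted above gives responders three strings to sweep for. The following triage sketch is an added example, not part of the original article and not code from the threat itself; it scans a folder such as a user's Desktop for text files containing those strings. The indicator names, function names and sample files are hypothetical and constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Indicators copied from the ransom note quoted on this page.
INDICATORS = {
    "family_string": re.compile(r"encrypted\s+by\s+AngleWare", re.I),
    "btc_address": re.compile(r"1NEcE8ffNZqAucBtp42a5YXMMUSLY7YfEP"),
    "contact_email": re.compile(r"angledarknet@gmail\.com", re.I),
}

def read_text(path: Path, limit: int = 65536) -> str:
    """Decode the first `limit` bytes: UTF-16 if a BOM is present, else UTF-8, else Latin-1."""
    with path.open("rb") as fh:
        raw = fh.read(limit)  # assumption: a ransom note is a small text file
    if raw[:2] in (b"\xff\xfe", b"\xfe\xff"):
        return raw.decode("utf-16", errors="replace")
    try:
        return raw.decode("utf-8-sig")
    except UnicodeDecodeError:
        return raw.decode("latin-1")

def scan_for_note(root: Path) -> dict:
    """Return {path: [indicator names]} for every .txt file under root that matches."""
    hits = {}
    for path in sorted(root.rglob("*")):
        if not path.is_file() or path.suffix.lower() != ".txt":
            continue
        try:
            text = read_text(path)
        except OSError:
            continue  # unreadable file: skip it rather than abort the sweep
        matched = [name for name, rx in INDICATORS.items() if rx.search(text)]
        if matched:
            hits[path] = matched
    return hits

def demo() -> dict:
    """Scan a constructed Desktop folder; returns {file name: matched indicators}."""
    note = ("Your files has been encrypted by AngleWare\r\n"
            "Pay 3BTC to my bitcoin address 1NEcE8ffNZqAucBtp42a5YXMMUSLY7YfEP\r\n"
            "And send the proof to my email angledarknet@gmail.com")
    with tempfile.TemporaryDirectory() as tmp:
        desktop = Path(tmp) / "Desktop"
        desktop.mkdir()
        (desktop / "note_utf16.txt").write_bytes(note.encode("utf-16"))  # constructed note
        (desktop / "shopping.txt").write_text("milk, eggs", encoding="utf-8")  # benign file
        (desktop / "fwd.TXT").write_text("ask angledarknet@gmail.com", encoding="utf-8")
        return {p.name: names for p, names in scan_for_note(desktop).items()}
```

A file that matches all three indicators is a strong sign of the note itself; a single match, such as the e-mail address alone, may only be a forwarded warning and needs a manual look.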

The ransom amount demanded by the AngleWare Ransomware, nearly $3000 USD, is outrageously high. Malware researchers strongly advise computer users to refrain from paying this large ransom. This high ransom amount is typical of ransomware Trojans designed to infect servers and corporate networks, but so far there have been no reports of such infections involving the AngleWare Ransomware Trojan.

Protecting Your Computer from the AngleWare Ransomware

The best protection against threats like the AngleWare Ransomware is to have file backups. If computer users can restore their data from a backup copy, then they have no need to pay the AngleWare Ransomware ransom, taking away leverage from the people responsible for the attack. Make sure that file backups are on an external, offline drive, or the cloud and not synchronized with the main computer. Otherwise, there is a risk that the contents of the backup storage also could become compromised. If backups are in place, then the best solution to the AngleWare Ransomware attack is to delete the encrypted files (or wipe clean the entire drive if backups exist) and then replace the lost data with the backup copies. A reliable security program that is fully up-to-date should be capable, in most cases, of intercepting and deleting the AngleWare Ransomware infection.
