BonziBuddy Ransomware

The BonziBuddy Ransomware was discovered by malware researchers in the second week of November 20016. The BonziBuddy Ransomware was reported by victims of the Trojan who said that their data was encrypted and a program window titled 'Bonzibuddy Says' appeared on their desktops. Initial threat analysis did not uncover features that we have not seen already in threats such as the Gingerbread Ransomware and the HappyLocker Ransomware. Also, the name 'BonziBuddy' is likely to be taken from the BonziBuddy desktop assistant that was released in 1999 and was supported until 2004.

The BonziBuddy Ransomware is Likely to Bb a Test Version which We may See Under a New Name in the Future

Researchers suspect that the BonziBuddy Ransomware may be a test variant for an encryption Trojan that is being developed at the time of discovery. The code underneath BonziBuddy Ransomware did not include encryption functionality, but that can be changed in the future easily. As stated above, affected users were shown a program window named 'Bonzibuddy Says,' which demanded the user enter a code into a text box to have the PC 'saved.' The 'Bonzibuddy Says' windows features the following message:

'yOUR A BONZIBUDY LOVER
YOUR FILES ARE MINE
[text box]
OK [button]
Save your Computer
yOU SUCK BYE'

The Maker of the BonziBuddy Ransomware Lacks Manners and Proper Coding Skills

The author of the BonziBuddy Ransomware may have been in a hurry to set up the payment request instead of making improvements to the Trojan. At the time of detection, the BonziBuddy Ransomware does not use AES, XOR, and RSA ciphers, which are popular among ransomware developers. Additionally, the BonziBuddy Ransomware does not limit the user's access to the computer, which we have seen with the 'MagicMinecraft' Screenlocker and the ScreenLocker Ransomware. Computer users need to stay on their guard and avoid spam emails that are the primary carrier of threats like the BonziBuddy Ransomware. You should think about installing a backup manager and benefiting from cloud-based services like the Google Drive and Dropbox. Removal of the BonziBuddy Ransomware can be achieved through the use of a credible anti-spyware instrument. AV vendors may flag files used by variants of the BonziBuddy Ransomware as:

• JOKE_BONZITHREAT
• Ransom-Joke.BonziBuddy
• W32.Troj.Ransom.Filecoder!c
• Win32.Trojan-Ransom.Filecoder.P@gen
• Win32:Malware-gen