Caleb Ransomware
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 100 % (High) |
| Infected Computers: | 2 |
| First Seen: | September 23, 2019 |
| Last Seen: | March 6, 2020 |
| OS(es) Affected: | Windows |
A new file-locker that goes by the name 'Caleb Ransomware' has been spotted in the wild. According to user reports, the file-encryption Trojan is being delivered via bogus email attachments that come via a phishing message. Often, the crooks sending out these fake emails may be spoofing them to look as if they were sent by a legitimate company, organization or institution. It is recommended to avoid opening emails from unknown senders if they urge you to download and review and unexpected file attachment, especially. Of course, you should also rely on a good anti-virus product to keep such files away from your computer.
The Caleb Ransomware Appends a Lengthy Extension to Locked Files
If the Caleb Ransomware is not stopped on time and it ends up being run on an unprotected computer, then the victim of the attack might end up losing access to most of their important files. The Caleb Ransomware, based on the Phobos Ransomware, goes after some of the most commonly used file formats – documents, archives, text files, spreadsheets, presentations, databases, pictures, etc. Whenever it locks a file, it will mark its name by adding the extension '.id[
Another change that the Caleb Ransomware makes is to create two files that contain a message from the attackers – one of the files is in the '.hta' format, while the other one is a plain text file. Their contents are identical, and they tell the victims that the only way to recover their files is to cooperate with the attackers and follow their instructions. However, the demands of the attackers are not small – they want to be paid a hefty compensation via Bitcoin, and you should never agree to send cryptocurrency to anonymous cybercriminals.
Cooperating with the Crooks behind the Caleb Ransomware is a Bad Idea
Victims of the Caleb Ransomware should ignore the message of the perpetrators because paying the ransom fee may end up costing them not just their files, but their money as well. Instead, they should try to resolve the issue with the use of legitimate software – use an anti-virus engine to remove the Caleb Ransomware, and then try out reputable data recovery utilities.
