MafiaWare Ransomware

MafiaWare Ransomware Description

The MafiaWare Ransomware is a ransomware Trojan that is used to force computer users to pay large sums after taking their files hostage. The MafiaWare Ransomware uses an attack method that is typical of these attacks. Ransomware Trojans like the MafiaWare Ransomware take victim's files hostage by encrypting them with a strong combination of encryption algorithms. Once the victim's files have been encrypted, they become completely inaccessible without the decryption key (which the con artists hold in their possession). The MafiaWare Ransomware delivers a ransom note, threatening the victims with the permanent loss of their files unless the ransom is paid. PC security researchers consider threats like the MafiaWare Ransomware a powerful and severe threat to the computer's security. You should take preemptive measures against the MafiaWare Ransomware and other, similar threats.

How the MafiaWare Ransomware may Infect Your Computer

The MafiaWare Ransomware is also known as 'depsex' because of some details in its ransom note and code. The MafiaWare Ransomware's was first detected on January 5, 2017. The MafiaWare Ransomware was first observed on online anti-virus engines that may be used by malware developers to test their threat creations and find out if they can be detected by current anti-virus programs. The MafiaWare Ransomware is based on Hidden Tear, an open source ransomware engine that was released publicly for 'educational purposes.' Since the release of Hidden Tear, countless ransomware variants taking advantage of its easily available ransomware platform have been released.

The MafiaWare Ransomware is being distributed in spam email messages, as well as through corrupted links that lead computer users to an attack website where the MafiaWare Ransomware is downloaded and installed. Corrupted spam email messages associated with the MafiaWare Ransomware will include a file attachment and a social engineering component designed to trick the victim into opening the file attachment. For example, the email message may claim that the file attachment is a bank statement, and the message is designed to look like a legitimate email from the victim's bank. These corrupted file attachments will take the form of DOC files (or other innocuous file types) that exploit the macro functionality to connect to a remote server and download corrupted files onto the victim's computer.

The Scary Name Used by the MafiaWare Ransomware

The MafiaWare Ransomware's executable file will be installed on either the AppData or the Temp directories on the victim's computer. The MafiaWare Ransomware's attack is typical of these infections: the MafiaWare Ransomware scans the victim's hard drives and removable memory devices for certain file types, which match a list of file extensions in the MafiaWare Ransomware's code. The MafiaWare Ransomware will target commonly used files such as Office documents, eBooks, images, media files, databases, etc. The MafiaWare Ransomware uses a combination of the RSA and AES encryption to encrypt the victim's files, making them inaccessible without the decryption key. The MafiaWare Ransomware adds the extension '.Locked-by-Mafia' to each affected file. The MafiaWare Ransomware delivers its ransom note in the form of a file named 'READ_ME.txt,' which will be dropped on the victim's desktop after the files have been encrypted. Below is the full text of the MafiaWare Ransomware ransom note:

'Your files has been encrypted by depsex
Pay $155 to my bitcoin address [34 RANDOM CHARACTERS]
And send the proof to my email dompetpresiden@gmai1.com'

Dealing with the MafiaWare Ransomware

Although malware researchers have released decryption programs for Hidden Tear variants, it is unknown if they will work with the MafiaWare Ransomware infection currently. The best protection against the MafiaWare Ransomware and other ransomware Trojans is to ensure that there are backups of all files. This way, computer users can recover the encrypted files quickly by restoring them from the backup copy. A reliable security application that is fully up-to-date can intercept and remove the MafiaWare Ransomware before it is installed. Caution should also be used when dealing with any unsolicited email attachment.

Infected with MafiaWare Ransomware? Scan Your PC for Free

Download SpyHunter’s Spyware Scanner
to Detect MafiaWare Ransomware
* SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware removal tool to remove the malware threats. Read more on SpyHunter. If you no longer wish to have SpyHunter installed on your computer, follow these steps to uninstall SpyHunter.

Security Doesn't Let You Download SpyHunter or Access the Internet?


Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
  • Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
  • Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
  • Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
  • IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.

If you still can't install SpyHunter? View other possible causes of installation issues.

Site Disclaimer

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.

IMPORTANT! To be able to proceed, you need to solve the following simple math.
Please leave these two fields as is:
What is 4 + 2 ?