ALC Ransomware
ALC is a malware threat that tries to pass itself as part of the ransomware category. However, in reality, ALC lacks some of the defining attributes of this dangerous class of malware threats. Indeed, despite its claims, ALC does not encrypt the victim's files. Instead, it creates a lock screen that displays a ransom note in full-screen mode.
Additionally, ALC drops multiple files on the victim's Desktop. The ransom note of the threat provides the victim with contact and payment information. After all, the threat actors are still trying to extort money from the impacted users or organizations.
The ALC Ransomware Demands Thousand of Dollars as Ransom
The ransom note, which appears on the victim's screen, informs them that their files have been encrypted and are currently inaccessible. However, as mentioned earlier, this is not true. Still, the ransom note provides detailed instructions on how to pay the ransom, which involves sending $2000 in Monero cryptocurrency to a specified crypto-wallet wallet address and then sending an email to the 'Alc@cock.li' address. The note also warns victims that if they don't pay the ransom within a week, their files will be permanently encrypted, and decryption will not be possible.
Moreover, the ransom amount will double after two days, which puts pressure on victims to pay quickly. The cybercriminals behind ALC Ransomware rely on the intimidation factor created by their ransom note to frighten and convince victims to pay the demanded money.
Although the ransom note implies that the attackers have encrypted the victim's files, it's not the case with the ALC Ransomware. Instead, it is believed that the attackers are attemptng to trick victims into sending them money without actually encrypting their files. Additionally, the ALC Ransomware disables Task Manager, which makes it difficult for victims to terminate the program. However, this can be fixed by rerunning the Task Manager.
How can Users Deal with Fake Ransomware Threats Like the ALC Ransomware
If you have been infected with a fake ransomware variant such as ALC, which does not encrypt your files, you can follow the steps below to remove it from your system:
- Scan your system with updated anti-malware software to detect and remove any corrupted files associated with ALC. It's recommended that you perform a full system scan to ensure that there are no remaining infections.
- In case ALC has modified your system settings or disabled Task Manager, try restarting your computer in Safe Mode. Safe Mode allows you to access the Task Manager and modify system settings without any interference from the ransomware.
- Finally, take preventive measures to avoid future ransomware infections, such as keeping your system and software up to date, using anti-malware software, and being cautious while opening email attachments or downloading software from the internet.
By following these steps, you can remove fake ransomware variants like ALC from your system and prevent future infections. It's crucial to be vigilant and keep your system up to date to stay protected against cyber threats.
The full text of the ransom note left by the ALC Ransomware is:
'ALC
All your files are encrypted and inaccessible
How to decrypt my files?
Instructions
To recover your data, send amount to my wallet below and then send a
Send a message to the email: Alc@cock.li and inform that you have sent the amoun and Mention cvID, SuffID, personnelID in the same message.decrypt process
To decrypt, after sending the email to the personnel,
Your payment will be confirmed and your cvID will be sent to the key decryption sec decryption instructions will be sent to you.
Note: file decryption is not possible after a week
Note: The amount paid will be doubled after two days
Note: Decryption tools are unable to decrypt your files due to the randomness of thwallet: 46yRW1YjGQUgZi2CrrX5ENj9boHWD8VqYJbGyv1f9Q gvGuqJfUanwsfEEBuFhu4VqeaQVwqx2ctLPQbFbHjiRCja4cak53o
amount: 554XMR
cvID:
SuffID:
personnelid :
Amount = 2000$The ransom amount is doubled two days later
Support email: Alc@cock.li'
