Anon Ransomware

The Anon Ransomware might be a ransomware threat that is still being developed. The Anon Ransomware underlying code seems identical to another threat called DemonWare, but unlike DemonWare, it cannot encrypt the files of the affected users. The Anon Ransomware doesn't allow this small fact to stop its flow, though. The Anon Ransomware presents its ransom note as a text file named 'README.txt' proudly, and to make sure that the users will not somehow miss seeing it, it also generates a pop-up without containing the same text.

The hackers state that the Anon Ransomware uses basic encryption to lock files (although it doesn't currently). They also threaten that if no payment has been made within 10 hours after the infection starts, all files will be deleted. Victims of the Anon Ransomware are expected to send exactly €50 in Bitcoin to the provided cryptocurrency wallet address. An email address - 'anonymous@academail.net,' that could be used for communication with the hackers, is also mentioned in the note.

For the moment, anyone who sees the message generated by the Anon Ransomware has no reason to panic and could simply use a legitimate anti-malware program to clean the malware. An updated version with encryption capabilities, however, could be released at any point by the cybercriminals.

The text of the Anon Ransomware's note is:

'YOU GOT HACKED!

Seems like you got hit by the Anon Ransomware!

Don't Panic, you get have your files back!

Anonymous uses a basic encryption script to lock your files.

This type of ransomware is known as CRYPTO.

You'll need a decryption key in order to unlock your files.

Your files will be deleted when the timer runs out, so you better hurry.

You have 10 hours to find your key

SEND EXACT AMOUNT TO THIS BITCOIN ADRES: 3NXERDjVsr8wW8de6KmskPh9wrXU8XeVwN

YOU CAN BUY BITCOIN ON THIS WEBSITE: hxxps://anycoindirect.eu/

AMOUNT: 50EUR

anonymous@academail.net

Kind regards,

Anonymous'