Arsium Ransomware

Recently, a hacking forum user that goes under the alias of Arsium uploaded a ransomware builder on said forum. This ransomware builder is being distributed free of charge. Such a move has the potential to cause great harm because anyone with ill intentions can download this ransomware builder and create and propagate their own data-locking Trojan.

Limited Abilities

The Arisum Ransomware toolkit is very limited in regards to what directories can be targeted and locked. This ransomware builder is only capable of going after the files, which are located in the desktop folder. However, the creator of the Arsium Ransomware builder may change this in the future and include other directories too. The Arisum Ransomware toolkit appends an extension to the encrypted files and chooses a password (key) that the ransomware will use to encrypt files - this eliminates the need of an Internet connection and permits the Arsium Ransomware to work in offline mode. An interesting fact about the Arsium Ransomware builder is that it is not able to create a ransom note. This means that the attackers cannot give out contact details or inform the victim what the ransom fee is.

However, there is some good news – the creator of the Arsium Ransomware toolkit has used an encryption algorithm called Blowfish. This particular file-encryption routine has previously been spotted in threats like the Globe Ransomware. Back then, malware experts managed to crack it fairly quickly. This means that users affected by the Arsium Ransomware builder may be able to decrypt their files for free using a publicly available decryption tool. Despite this, if fallen into the hands of more highly-skilled cyber criminals, the Arsium Ransomware toolkit can be weaponized and used to carry out mass attacks. This is why you should make sure to download and install a legitimate anti-malware software suite, which will maintain your system safe from threats that could sprout from the Arsium Ransomware project and give you peace of mind.