BDDY Ransomware

Cybercriminals keep pumping out numerous new ransomware threats every year. File-locking Trojans are one of the nastiest threats online as they sneak into user's systems and lock all their data. Attackers tend to require a ransom fee in exchange for a decryption key that will help the victim recover their data. Malware researchers work tirelessly to create free decryption tools for ransomware threats that have claimed a significant number of victims, but, unfortunately, most data-encrypting Trojans are not decryptable for free. One of the newest file-locking Trojans is called BDDY Ransomware. When researchers dissected the BDDY Ransomware, they found that this is a variant of the Matrix Ransomware. The bad news is that Trojans that belong to the Matrix Ransomware are not decryptable for free.

Propagation and Encryption

The infection methods involved in the spreading of the BDDY Ransomware are not yet known. Experts speculate that the creators of the BDDY Ransomware may be utilizing mass spam email campaigns, bogus application updates and downloads, fake pirated copies of popular applications, and media, among other popular propagation methods. Upon infecting a computer, the BDDY Ransomware will make sure to scan all the data that is present on the victim's PC. Most ransomware threats target all sorts of files – documents, images, videos, spreadsheets, presentations, archives, databases, etc. This ensures maximum harm and makes it more likely for the victim to consider paying the ransom fee demanded. When the BDDY Ransomware encrypts a file, it alters its name following the '[Buddy@criptext.com].[]-[]. BDDY' pattern. Changing the filenames entirely makes it more difficult for the user to figure out how much damage has been done to their system. Once a file gets locked by the BDDY Ransomware, it will no longer be usable.

The Ransom Note

When the encryption process is completed, the BDDY Ransomware will take the next step – the dropping of the ransom note. The BDDY Ransomware' ransom message is contained in a file named '#BDDY_README#.rtf.' There is not a specific ransom mentioned. The authors of the BDDY Ransomware require users to get in touch with them via email in order to receive further information – ‘buddy888@tutanota.com,' ‘buddy888@protonmail.com,' and ‘buddy@criptext.com.'

Keep your distance from cyber crooks like the creators of the BDDY Ransomware. Even people who decide to pay the sum required are often left empty-handed when the cybercriminals do not keep their word and provide a decryption tool. This is why it is far safer to download and install a legitimate anti-spyware suite that will not only remove the BDDY Ransomware from your PC but will also keep your system safe in the future, ensuring that you do not end up in the same difficult situation.