BlackSheep Ransomware
The BlackSheep Ransomware is designed to encrypt the victim's files, making them inaccessible. The BlackSheep Ransomware will take the victim's computer hostage. Once the BlackSheep Ransomware has locked the victim's files, it will demand the payment of a ransom from the victim to release the affected files. Encryption ransomware Trojans like the BlackSheep Ransomware are among the most common threat infections active currently. Although threats like the BlackSheep Ransomware can be removed with a reliable security program that is fully up-to-date easily, the scary thing about these threats is that even if the BlackSheep Ransomware itself is removed, once the victim's files have been encrypted, they cannot be recovered without the decryption key – the damage is done. Because of this, the con artists rely on these attacks to extort computer users, taking their files hostage and then demanding the ransom payment in exchange for the decryption key needed to restore the affected files.
Table of Contents
A New Member on the BlackSheep Flock
There are countless variants of the BlackSheep Ransomware tactic. The version of the BlackSheep Ransomware observed by PC security researchers demands a ransom of $500 USD to be paid in BitCoins. The BlackSheep Ransomware encrypts its victims' files and adds the file extension '.666' to the end of each affected file's name to make it clear which files have been affected by the BlackSheep Ransomware attack. Ransomware Trojans like the BlackSheep Ransomware are becoming more common increasingly, and computer users should protect their computers from this threat. The BlackSheep Ransomware combines a screen locker approach in its attack, essentially blocking access to the victim's computer while it encrypts the victim's files.
How the BlackSheep Ransomware Carries out Its Attack
The BlackSheep Ransomware is part of a wave of ransomware Trojans released in May 2017, which include threats like the FuckTheSystem Ransomware Trojan, which was released in the earlier part of the month. The BlackSheep Ransomware runs as an executable file named BLACKSHEEP.exe, which carries out the BlackSheep Ransomware's encryption. As part of its attack, the BlackSheep Ransomware will display a lock screen that takes up the entire victim's screen and is designed to look like a blue Windows Update notification. However, a closer look will reveal various inconsistencies that make it clear that the screen presented by the BlackSheep Ransomware is not related to the Windows operating system. This screen makes it seem as if a Windows Update is being carried out while, in reality, the BlackSheep Ransomware is encrypting the victim's files in the background silently. The BlackSheep Ransomware's lock screen takes the form of a blue full-screen window with the message:
'Wait Until It's Completed
Window Update in Progress'
The BlackSheep Ransomware will target the user-generated files in its attack, encrypting the files generated with software like Microsoft Office or Adobe Photoshop as well as images, movies, music, and numerous other file types. Once encrypted by the BlackSheep Ransomware, the file extension '.666' will be added to the file's name. After encrypting the victim's files, the BlackSheep Ransomware will display a ransom note that claims that it is necessary to pay $500 USD in Bitcoins within 54 hours, or the files will be lost permanently. The following is the full text displayed in the BlackSheep Ransomware's ransom note:
'ALL YOUR IMPORTANT FILES, DOCUMENTS, MP3s, VIDEOS, AND EVEN YOUR COMPUTER SCREEEN IS HACKED. THERE IS NO SOLUTION ANYWHERE UNLESS YOU PAY $500 TO GET THE KEY TO DECRYPT WE CAN BE NICE AND WE CAN BE SO MEAN, IT ALL DEPENDS ON YOU. PAY WITHIN 54 HOURS. PAY INTO THE BITCOIN ADDRESS BELOW.'
Dealing with a BlackSheep Ransomware Infection
The best way to deal with the BlackSheep Ransomware is to have a reliable backup system so that the encrypted files can be restored from the backup copy. A reliable security program also can be used to remove the BlackSheep Ransomware, although it will not restore the affected files. Due to the nature of the BlackSheep Ransomware, it is likely that PC security researchers will release a decryption key eventually.
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.