Blind Ransomware
Threat Scorecard
Ranking: 6,415
Threat Level: 50% (Medium)
Infected Computers: 2,021
First Seen: September 19, 2017
Last Seen: September 18, 2023
OS(es) Affected: Windows
The Blind Ransomware is an encryption ransomware Trojan. The Blind Ransomware was first observed on September 15, 2017, and is typically delivered to its victims via corrupted spam email attachments. The email messages used to deliver the Blind Ransomware tend to use social engineering techniques that make it seem as if the email message is coming from a legitimate sender, such as Facebook, PayPal or Google. Then, if the victim opens the file attachment, it will download and install the Blind Ransomware on the victim's computer. These attachments tend to take the form of malicious Microsoft Office files with embedded macro scripts. Computer users should treat email attachments with suspicion, as they are the most common way of distributing threats like the Blind Ransomware.
A Blind Ransomware Infection and Its Effects
The Blind Ransomware and similar threats, like most encryption ransomware Trojans, are designed to encrypt the victim's files with a strong encryption algorithm, making them inaccessible. The Blind Ransomware targets user-generated files, such as photos, audio and videos, while allowing Windows to continue to function. In this way, the victim can still use the infected computer to pay the ransom, which would not be the case if all of the files, including the system files, were encrypted. Since the Blind Ransomware uses a combination of AES-256 and RSA-2048 encryption to compromise the victim's files, it may not be possible to restore the files encrypted in a Blind Ransomware attack. Once the Blind Ransomware encrypts a file, it changes the file's name to include an email address associated with the Blind Ransomware and the file extension '.blind'.
How the Con Artists Use the Blind Ransomware to Profit at Your Expense
After the victim's files have been encrypted, the victim will receive a ransom note, a message threatening the permanent loss of the affected files unless the victim makes a ransom payment. The Blind Ransomware uses an HTA file to deliver its ransom note. This file is named 'How_Decrypt_Files.hta' and will appear in the infected computer's Desktop and Documents library. This file will load in a program window through the infected computer's Web browser and will display the following message:
'All your files have been encrypted!
All your files have been encrypted due to a security problem with your PC. If you want to restore them, write us to the e-mail blind@cock.li You have to pay for decryption in Bitcoins. The price depends on how fast you write to us. After payment, we will send you the decryption tool that will decrypt all your files.
Free decryption as guarantee
Before paying you can send us up to 3 files for free decryption. The total size of files must be less than 1Mb (non archived), and files should not contain valuable information. (databases,backups, large excel sheets, etc.)
How to obtain Bitcoins
The easiest way to buy bitcoins is LocalBitcoins site. You have to register, click 'Buy bitcoins', and select the seller by payment method and price.
Also you can find other places to buy Bitcoins and beginners guide here:
hxxp://www.coindesk.com/information/how-can-i-buy-bitcoins/
Your personal identification number: [1536 RANDOM CHARACTERS]'
Dealing with the Blind Ransomware
It is recommended that computer users avoid contacting the people responsible for the Blind Ransomware or paying its ransom amount. Instead, they should do whatever it takes to ensure that their data stays safe in the event of a Blind Ransomware attack. The best way to fight ransomware Trojans like the Blind Ransomware is to have file backups. Backup copies of your files will make the people responsible for the Blind Ransomware attack lose any leverage to demand a ransom payment.
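The file-level indicators described on this page (the 'How_Decrypt_Files.hta' note and renamed files that carry an email address plus the '.blind' extension) can be checked for with a short triage script before deciding which folders to restore from backup. This is an added example, not EnigmaSoft's code; the page does not give the exact rename layout, so the bracketed sample names and the loose email pattern are assumptions.

```python
import os
import re
import tempfile

NOTE_NAME = "how_decrypt_files.hta"  # ransom note name given on this page
ENCRYPTED_EXT = ".blind"             # extension given on this page
# Loose email-like token; the exact rename layout is not documented (assumption).
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")


def scan_for_blind_indicators(root):
    """Walk root; return note paths, renamed-file counts per directory, and addresses seen."""
    findings = {"notes": [], "renamed": {}, "emails": set()}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            lower = name.lower()
            if lower == NOTE_NAME:
                findings["notes"].append(os.path.join(dirpath, name))
            elif lower.endswith(ENCRYPTED_EXT):
                match = EMAIL_RE.search(name[: -len(ENCRYPTED_EXT)])
                if match:  # the extension alone is weak evidence; require the email marker
                    findings["renamed"][dirpath] = findings["renamed"].get(dirpath, 0) + 1
                    findings["emails"].add(match.group(0).lower())
    return findings


def build_constructed_sample(root):
    """Create a constructed directory tree; the file names are illustrative only."""
    names = {
        os.path.join(root, "Documents"): [
            "report.docx.[blind@cock.li].blind", "photo.jpg.[blind@cock.li].blind",
            "notes.txt", "How_Decrypt_Files.hta"],
        # 'venetian.blind' is a benign look-alike that must not be counted
        os.path.join(root, "Desktop"): ["How_Decrypt_Files.hta", "venetian.blind"],
    }
    for directory, files in names.items():
        os.makedirs(directory)
        for f in files:
            open(os.path.join(directory, f), "w").close()


def demo():
    with tempfile.TemporaryDirectory() as root:
        build_constructed_sample(root)
        return scan_for_blind_indicators(root)


if __name__ == "__main__":
    print(demo())
```

The per-directory counts show which folders need restoring, and the collected addresses can be compared with the contact address shown in the ransom note.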
URLs
Blind Ransomware may call the following URLs:
.searchtheweb.today