Bright Black Ransomware
The Bright Black malware tries to pass itself as a legitimately threatening ransomware. Ransomware threats have become a real plague for both individual users and the biggest corporations out there. These harmful creations are designed to lock the data on the systems they manage to infect via uncrackable cryptographic algorithms. As a result, victims lose the ability to access any of their valuable documents, databases, archives, etc.
However, when it comes to the Bright Black Ransomware, the threat does create the initial impression that all of the affected data has been rendered unusable. Files belonging to the targeted file types will have an 'x' placed in front of their original file extensions. For example, a file named 'Image1.png' will be renamed to 'Image1.xpng.' What is important to know, is that the internal data of the files is left intact and is not subjected to any encryption. Removing the 'x' is highly likely to restore users' files to their normal state.
Table of Contents
Ransom Note’s Details
Again, as is expected from a ransomware threat, the Bright Black delivers a ransom note message with instructions for its victims. In fact, the threat will display its ransom note as a pop-up window, as well as an HTML file named 'ransnote.html.' The operators of the ransomware attempt to scare users with claims that the malware uses the military-grade AES-256 cryptographic algorithm to encrypt data. However, s we said earlier, this is not true. The cybercriminals continue by instructing their victims to contact the 'brightblack#6937' account on Discord.
The full text of the threat's ransom note is:
'$$$ BRIGHT BLACK RANSOMWARE $$$
WHAT HAPPEND? ALL YOUR FILES GOT ENCRYPTED USING AES-256!
HOW TO DECRYPT THEM? IT'S SIMPLE WRITE TO ME ON DISCORD brightblack#6937!
DISCALMER: IF YOU TRY TO DECRYPT THEM USING OTHER SOFTWARE YOU CAN LOST THEM FORVER!!!
The pop-up window displays the following message:
Good luck!
Run brightblack decryptor to get files back 🙂'
SpyHunter Detects & Remove Bright Black Ransomware
File System Details
# | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
---|---|---|---|
1. | file.exe | 82559214d5778ff5be1bf375055c92c9 | 0 |
2. | file.exe | c117565f5ae76eb1d1d9bf936260405b | 0 |