Caleb Ransomware

Threat Scorecard

Threat Level: 100 % (High)
Infected Computers: 2
First Seen: September 23, 2019
Last Seen: March 6, 2020
OS(es) Affected: Windows

A new file-locker that goes by the name 'Caleb Ransomware' has been spotted in the wild. According to user reports, the file-encryption Trojan is being delivered via bogus email attachments that come via a phishing message. Often, the crooks sending out these fake emails may be spoofing them to look as if they were sent by a legitimate company, organization or institution. It is recommended to avoid opening emails from unknown senders if they urge you to download and review and unexpected file attachment, especially. Of course, you should also rely on a good anti-virus product to keep such files away from your computer.

The Caleb Ransomware Appends a Lengthy Extension to Locked Files

If the Caleb Ransomware is not stopped on time and it ends up being run on an unprotected computer, then the victim of the attack might end up losing access to most of their important files. The Caleb Ransomware, based on the Phobos Ransomware, goes after some of the most commonly used file formats – documents, archives, text files, spreadsheets, presentations, databases, pictures, etc. Whenever it locks a file, it will mark its name by adding the extension '.id[-<4 RANDOM NUMBERS>].[]. Caleb.'

Another change that the Caleb Ransomware makes is to create two files that contain a message from the attackers – one of the files is in the '.hta' format, while the other one is a plain text file. Their contents are identical, and they tell the victims that the only way to recover their files is to cooperate with the attackers and follow their instructions. However, the demands of the attackers are not small – they want to be paid a hefty compensation via Bitcoin, and you should never agree to send cryptocurrency to anonymous cybercriminals.

Cooperating with the Crooks behind the Caleb Ransomware is a Bad Idea

Victims of the Caleb Ransomware should ignore the message of the perpetrators because paying the ransom fee may end up costing them not just their files, but their money as well. Instead, they should try to resolve the issue with the use of legitimate software – use an anti-virus engine to remove the Caleb Ransomware, and then try out reputable data recovery utilities.


I HAVE THE caleb virus on a server 2003. will this sodtware run and remove it?

Hello. Yes, SpyHunter can safely detect and automatically remove Caleb Ransomware.

Related Posts


Most Viewed