Consciousness Ransomware
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 100 % (High) |
| Infected Computers: | 4 |
| First Seen: | January 19, 2011 |
| Last Seen: | February 2, 2021 |
| OS(es) Affected: | Windows |
The Consciousness Ransomware is a perilous malware threat that, if left unchecked, can wreak havoc on any system it manages to compromise. At first, it may seem as if it operates much in the same way as a normal crypto locker malware, but in practice, it is more akin to a wiper threat. It sneaks onto the target's computer system as a file named 'TaskHandler.exe' and proceeds to encrypt most of the stored files rendering them inaccessible and unusable. The Consciousness Ransomware can affect all of the widely used filetypes such as MS Office files, databases, pdfs, photos, audio and video files, archives, etc. Every encrypted file will have '.Consciousness' appended to its original filename. The ransom note with instructions is delivered in two ways. First, a text file named 'the Consciousness Ransomware Text Message.txt' will be dropped in every folder containing encrypted data. Then the screen of the compromised device will be locked with an image delivered by the threat.
The hackers behind the Consciousness Ransomware demand the sum of $400 in Bitcoin to be transferred to their cryptocurrency wallet address. After the payment is completed, an email is supposed to be sent to the email address 'securityit123@protonmail.com.' Victims of this threat, however, must, in no case, send any amount of money as even the criminals CANNOT restore the encrypted files. This is due to a glitch in the encryption system employed by the threat. The Consciousness Ransomware begins to encrypt the first file with a specific password but then changes it for each subsequent file. The passwords are not saved, and there is no Command-and-Control infrastructure where they might have been sent to. As a result, no one can restore the affected files.
The full text of the note delivered by the Consciousness Ransomware:
Hello. Your files has been encrypted successfully.
Hello. Your files has been encrypted successfully.
I / Computer noticed unusual activities had been occured from your PC / Laptop. and Hacking activities had been run through out your computer / Laptop.
So I encrypted your files for safety purposes and to remove trojans and corrupted files.
So if you want to recover your files.
Simply transfer $ 400.00 to us with bitcoin to that address:
3Cg2NyeuivMCCtBaLDc4paNj8TgHGZqA5p
Then after payment send my BOSS a message on that email: securityit123@protonmail.com
and I as a Computer will recover all your files within 2 hours.
