Covid-20 Ransomware

The Covid-20 Ransomware is a screen-locker Trojan that prevents Windows from loading and, instead, displays a ransom note to the user. Like more conventional threats, it demands a Bitcoin ransom, although the cost is exceptionally high and inappropriate for most targets other than multinational corporations. Users can try recovering their PC in multiple ways and, upon regaining access to Windows, should delete the Covid-20 Ransomware with proper security software.

The Disease that Transforms into a Computer Blackout

The Covid-20 Ransomware is a new Trojan for Windows systems that takes an extremely-invasive tack to block users out of their computer's data. As with previous instances of threats naming themselves after real-world phenomena (the CovidLock Ransomware, the CoronaVirus Ransomware, and so on), the campaign may take advantage of currently-popular news for infamy or as part of its distribution tactic. Arguably, the Covid-20 Ransomware is even worse for PCs than the Coronavirus is to the human body – since the Trojan guarantees a total lock-up of the system.

The Covid-20 Ransomware isn't a typical file-locker Trojan and includes no encryption or other features for blocking media like documents on a one-by-one basis. This fact may seem reassuring, but the Covid-20 Ransomware's substitute attack stops the Windows restart process. Instead, users who reboot see a red-texted note that announces the Trojan's name and asks for one million USD in Bitcoins for recovery.

The Covid-20 Ransomware also partakes in the cliché of describing its attacks as 'military-grade encryption' routines, which is a lie that many file-locker Trojans and similar threats use, down to the same wording. Additionally, malware experts point out an absence of contact details in the Covid-20 Ransomware's note, which is a strong indicator that the Trojan is a 'joke' or requires more development before release into the wild.

Vaccinating Systems against Coma-Inducing Trojans

Although the Covid-20 Ransomware blocks Windows in totality, it also leaves the user's files intact for later recovery. This payload strategy simplifies victims' recovery needs since there's no requirement for a decryption application or restoring content like often-updated documents.

Users may need to boot their systems from DVDs, USBs or other peripheral devices. Most systems will provide a boot device menu during startup for users who press the appropriate key, such as F11, F12, etc. From this menu, choose the peripheral device, instead of the internal hard drive, for loading an external OS or Windows repair features.

Most security services designed for identifying threats can detect startup-hijacking threats, including the more destructive variants that overwrite the MBR. Any Windows user with appropriate anti-malware protection should remove the Covid-20 Ransomware as soon as possible after regaining a minimum of UI access.

A plague is terrible enough, but PC users encountering the Covid-20 Ransomware have to deal with their devices becoming useless. Still, like its biological mascot, paying attention to recovery procedures can limit most cases of damage and speed recovery.