EasyRansom Ransomware

So far, the EasyRansom Ransomware has not been categorized as part of any existing ransomware family, which means that it might be an entirely unique threat. Its behavior, however, shows little deviation from that of a typical ransomware threat.

Its goal is to infiltrate the targeted computer and encrypt most of the files stored on it with a potent cryptographical algorithm rendering them unusable and inaccessible. Users are locked out from their personal or business-related files effectively. The extension appended to the encrypted files' original filenames is '.easyransom.' The note containing instruction from the hackers behind the attack is dropped in the form of text files named easyransom_readme.txt.'

It seems that the EasyRansom Ransomware is designed to target computer users located in South Korea specifically, evidenced by the fact that the ransom note is written in Korea entirely and doesn't feature any translations into other languages. Still, according to the instructions, victims of the EasyRansom Ransomware are told to send the sum of 0.01 BTC to the provided cryptocurrency wallet address. Bitcoin's exchange rate fluctuates significantly, but at the current price, 0.01 BTC is equal to approximately $108. An email address - easyransom@ransom.cce that should be used for communication with the criminals also is provided in the note.

The original text found in the easyransom_readme.txt files is:

'당신의 파일은 감염되었습니다.

파일 복구를 원하시면 아래 비트코인 계좌 및 이메일로 각각 0.01BTC와 암호화된 파일을 전송해주세요.

Wallet: bc1qar0srrr7xfkvyXXXXlydnw9re59gtzzwf5mdq

Mail: easyransom@ransom.cce.'