Threat Database Ransomware Erica2020 Ransomware

Erica2020 Ransomware

With all the changes brought by the coming of 2020, one thing has not changed certainly – cyber crooks’ fondness of ransomware threats. One of the newest nasty spawns of this class is called Erica2020 Ransomware. Just like most data-locking Trojans, the Erica2020 Ransomware compromises a system, encrypts the data of the users, and then blackmails them into paying a ransom fee in exchange for a decryption key.

Encryption and Propagation

Once the Erica2020 Ransomware infects a PC, it will scan it to locate the data and then trigger an encryption process that will make sure all the targeted files are locked securely. When this file-encrypting Trojan locks a file, it alters its name by appending a new extension. Most ransomware threats have a consistent string of symbols used as an additional extension. However, the Erica2020 Ransomware generates a random string of four symbols for each new user, which also can serve as a victim ID. This means that a file named ‘snowy-field.jpg’ initially will be renamed to ‘snowy-field.jpg..’ It is not clear what infection vector is used by the creators of the Erica2020 Ransomware. It is being speculated that spam emails may be involved in the distribution of this nasty Trojan. Often, the threat would be masked as a harmless attachment and would be accompanied by a fake message urging the user to open the attached file. Torrent trackers, fraudulent application downloads and updates, pirated copies of popular software tools, or media may be among the other propagation methods preferred by cybercriminals propagating threats of this type.

The Ransom Note

According to cybersecurity researchers, the Erica2020 Ransomware is likely still being developed because the ransom note dropped on the victims’ desktops appears to be uncompleted. It is likely that the creators of the Erica2020 Ransomware are still working on this threat and may further weaponize it in the future. In the note, the attackers instruct the victim on how to recover their files. There is an email address provided – ‘’ This is where the victim is expected to contact the attackers to receive further instructions.

It is best to ignore the demands and wishes of cyber crooks. There is no reason to believe their promises as they are known liars and fraudsters. This is why you should consider obtaining a legitimate anti-virus solution that will help you clear your system of the Erica2020 Ransomware once and for all.


Most Viewed