Genobot Ransomware

By GoldSparrow in Ransomware

The Genobot Ransomware is an encryption ransomware Trojan that carries out a typical version of this well-known tactic. Like most encryption ransomware Trojans, the Genobot Ransomware encrypts the victim's files using a strong encryption algorithm and then demands that the victim buy the decryption key needed to restore the affected files. In effect, the Genobot Ransomware takes the victim's files hostage and demands a ransom payment. Paying the Genobot Ransomware ransom should not even be considered; instead, infected PC users should take steps to ensure that their computers are protected and their files are backed up properly. As with countless encryption ransomware Trojans, the best protection against this threat is to have backup copies of your files either on the cloud or on an external memory device.

The Genobot Ransomware Demands a Small Ransom

The Genobot Ransomware is one of the many ransomware Trojans that are based on HiddenTear, an open-source encryption ransomware engine. Since its first appearance in 2015, HiddenTear has been responsible for countless variants of this threat, and it is estimated that the majority of encryption ransomware Trojans that are active today have their code based on HiddenTear. The Genobot Ransomware Trojan demands a ransom payment of approximately 10 USD, to be paid using Bitcoin. Once the Genobot Ransomware has been installed on the victim's computer, it prevents the victim from accessing the files on the infected PC. The Genobot Ransomware targets user-generated files, which may include images, videos, databases, music, and numerous other file types. The Genobot Ransomware marks the files it has encrypted by adding the file extension '.encrypted' to the end of each affected file's name. Encryption ransomware Trojans target a wide variety of file types, which may include files with the following extensions:

.3dm, .3g2, .3gp, .7zip, .aaf, .accdb, .aep, .aepx, .aet, .ai, .aif, .as, .as3, .asf, .asp, .asx, .avi, .bmp, .c, .class, .cpp, .cs, .csv, .dat, .db, .dbf, .doc, .docb, .docm, .docx, .dot, .dotm, .dotx, .dwg, .dxf, .efx, .eps, .fla, .flv, .gif, .h, .idml, .iff, .indb, .indd, .indl, .indt, .inx, .jar, .java, .jpeg, .jpg, .js, .m3u, .m3u8, .m4u, .max, .mdb, .mid, .mkv, .mov, .mp3, .mp4, .mpa, .mpeg, .mpg, .msg, .pdb, .pdf, .php, .plb, .pmd, .png, .pot, .potm, .potx, .ppam, .ppj, .pps, .ppsm, .ppsx, .ppt, .pptm, .pptx, .prel, .prproj, .ps, .psd, .py, .ra, .rar, .raw, .rb, .rtf, .sdf, .sdf, .ses, .sldm, .sldx, .sql, .svg, .swf, .tif, .txt, .vcf, .vob, .wav, .wma, .wmv, .wpd, .wps, .xla, .xlam, .xll, .xlm, .xls, .xlsb, .xlsm, .xlsx, .xlt, .xltm, .xltx, .xlw, .xml, .xqx, .xqx, .zip
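The '.encrypted' marker and the extension list above are enough to triage a file listing after an incident. The following Python sketch is an added example, not code from the Trojan or from this database; the function names, thresholds, sample paths and backup manifest are all constructed for illustration. It flags directories where most files are named `<name>.<targeted extension>.encrypted` and lists the affected originals that have no backup copy.

```python
from collections import Counter
from pathlib import PureWindowsPath

MARKER = ".encrypted"  # extension the article says is appended
# Subset of the targeted extensions listed above; extend as needed.
TARGETED = {".doc", ".docx", ".xls", ".xlsx", ".pdf", ".jpg", ".png", ".sql", ".txt", ".zip"}

def original_name(path):
    """Pre-encryption file name if path is <name>.<targeted ext>.encrypted, else None."""
    name = PureWindowsPath(path).name
    if not name.lower().endswith(MARKER):
        return None
    inner = name[: -len(MARKER)]
    return inner if PureWindowsPath(inner).suffix.lower() in TARGETED else None

def triage(paths, min_hits=3, min_ratio=0.5):
    """Map each directory where most files carry the marker to (hits, total)."""
    total, hits = Counter(), Counter()
    for p in paths:
        parent = str(PureWindowsPath(p).parent)
        total[parent] += 1
        if original_name(p):
            hits[parent] += 1
    return {d: (n, total[d]) for d, n in hits.items()
            if n >= min_hits and n / total[d] >= min_ratio}

def missing_from_backup(paths, backup_manifest):
    """Original paths of affected files that have no copy in the backup manifest."""
    known = {b.lower() for b in backup_manifest}
    missing = []
    for p in paths:
        orig = original_name(p)
        if orig:
            full = str(PureWindowsPath(p).with_name(orig))
            if full.lower() not in known:
                missing.append(full)
    return sorted(missing)

SAMPLE = [  # constructed listing, not real telemetry
    r"C:\Users\ana\Documents\budget.xlsx.encrypted",
    r"C:\Users\ana\Documents\report.docx.encrypted",
    r"C:\Users\ana\Documents\scan.pdf.encrypted",
    r"C:\Users\ana\Documents\desktop.ini",
    r"C:\Users\ana\Vault\keys.encrypted",  # no targeted inner extension: ignored
    r"C:\Users\ana\Pictures\cat.jpg",
]
BACKUP = [r"C:\Users\ana\Documents\budget.xlsx", r"c:\users\ana\documents\scan.pdf"]

if __name__ == "__main__":
    print(triage(SAMPLE))
    print(missing_from_backup(SAMPLE, BACKUP))
```

Requiring a targeted inner extension keeps files that legitimately end in '.encrypted' out of the count, and the per-directory ratio separates a mass rename from a single stray file.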

How the Cybercrooks may Profit from the Genobot Ransomware

After the Genobot Ransomware encrypts the victim's files, it delivers a message that asks the victim to pay a ransom and to contact its developers at their Gmail address for information about the payment. The use of a public email address like this one suggests that the people responsible for the Genobot Ransomware are not particularly sophisticated or advanced, since such email addresses are routinely shut down when they are associated with tactics like the one linked to the Genobot Ransomware. However, since the Genobot Ransomware is based on HiddenTear, the attack that it carries out is quite effective and can make the victim's files inaccessible indefinitely. This allows the cybercrooks to generate revenue at the expense of their victims. Paying the Genobot Ransomware ransom is not recommended, even though the ransom amount is considerably smaller than that of most ransomware Trojans. This is because the cybercrooks will almost never keep their word and help victims recover from the attack. When communicating with the people responsible for the attack, computer users will find that they are just as likely to ignore the payment altogether or to demand an additional payment from them.