Threat Database Ransomware GottaCry Ransomware

GottaCry Ransomware

By GoldSparrow in Ransomware

Threat Scorecard

Threat Level: 100 % (High)
Infected Computers: 46
First Seen: June 2, 2019
Last Seen: September 8, 2019
OS(es) Affected: Windows

Recently, researchers came across an interesting piece of malware. It is called the GottaCry Ransomware. The reason is that this is a rather odd ransomware threat that does not encrypt any data, despite claiming to do so. It will seem that the authors of the GottaCry Ransomware are amateurs who are trying their luck by releasing this unfinished threat publicly.

It is not confirmed what the infection vector of the GottaCry Ransomware is, but it is very likely that the attackers are using fraudulent updates, alongside pirated content and emails containing infected attachments. Normally, ransomware threats would scan the computer they land on to find the file types they are programmed to encrypt. However, as we mentioned before, the GottaCry Ransomware is not capable of encrypting any files whatsoever. That does not indicate that there will be no harm done, though. The GottaCry Ransomware is meant to wipe off the files, which are contained in the 'Desktop' folder. This is not that damaging compared to the damage regular ransomware threats may cause. The authors of the GottaCry Ransomware have provided their victims with a ransom note where they state that if the user turns off their machine blatantly, the GottaCry Ransomware will 'delete' their computers, which is a rather funny statement. The attackers have included two big, red, glowing eyes, likely in an attempt at social engineering. Such techniques are often used by cybercriminals who try to pressure their victims into giving in to their demands. The attackers state that they would require a ransom fee of $50 in BTC, or $70 via PayPal. Instead of the usual email address that authors of ransomware threats provide, the creators of the GottaCry Ransomware give out a discorded username, 'Russen#6061.'

Do not get in touch with cyber crooks. Nothing good comes out of it. Make sure you download and install a reputable anti-malware application and use it to wipe off the GottaCry Ransomware from your computer. This will be enough to put your mind at ease. You can attempt to recover the files, which the GottaCry Ransomware deleted via a third-party data recovery tool.


Most Viewed