GottaCry Ransomware
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Threat Level: | 100 % (High) |
Infected Computers: | 46 |
First Seen: | June 2, 2019 |
Last Seen: | September 8, 2019 |
OS(es) Affected: | Windows |
Recently, researchers came across an interesting piece of malware. It is called the GottaCry Ransomware. The reason is that this is a rather odd ransomware threat that does not encrypt any data, despite claiming to do so. It will seem that the authors of the GottaCry Ransomware are amateurs who are trying their luck by releasing this unfinished threat publicly.
It is not confirmed what the infection vector of the GottaCry Ransomware is, but it is very likely that the attackers are using fraudulent updates, alongside pirated content and emails containing infected attachments. Normally, ransomware threats would scan the computer they land on to find the file types they are programmed to encrypt. However, as we mentioned before, the GottaCry Ransomware is not capable of encrypting any files whatsoever. That does not indicate that there will be no harm done, though. The GottaCry Ransomware is meant to wipe off the files, which are contained in the 'Desktop' folder. This is not that damaging compared to the damage regular ransomware threats may cause. The authors of the GottaCry Ransomware have provided their victims with a ransom note where they state that if the user turns off their machine blatantly, the GottaCry Ransomware will 'delete' their computers, which is a rather funny statement. The attackers have included two big, red, glowing eyes, likely in an attempt at social engineering. Such techniques are often used by cybercriminals who try to pressure their victims into giving in to their demands. The attackers state that they would require a ransom fee of $50 in BTC, or $70 via PayPal. Instead of the usual email address that authors of ransomware threats provide, the creators of the GottaCry Ransomware give out a discorded username, 'Russen#6061.'
Do not get in touch with cyber crooks. Nothing good comes out of it. Make sure you download and install a reputable anti-malware application and use it to wipe off the GottaCry Ransomware from your computer. This will be enough to put your mind at ease. You can attempt to recover the files, which the GottaCry Ransomware deleted via a third-party data recovery tool.