Threat Database Ransomware HACK Ransomware

HACK Ransomware

By GoldSparrow in Ransomware

A new ransomware threat has surfaced the Internet – the HACK Ransomware. When malware experts came across the HACK Ransomware, they decided to look into it and discovered that this data-encrypting Trojan is a variant of the infamous Dharma Ransomware.

Cybersecurity researchers are yet to know with certainty what is the infection vector used in propagating the HACK Ransomware. However, some speculate that the authors of the HACK Ransomware are spreading their threat via spam emails containing infected attachments, bogus software updates and corrupted pirated applications. Once the HACK Ransomware infiltrates a machine successfully, it begins the attack by scanning it. The purpose of this is to locate the files, which will later be encrypted. When this is through, the encryption process begins. After encrypting a file, the HACK Ransomware changes its name. Like most ransomware Trojans, which belong to the Dharma Ransomware family, the HACK Ransomware adds encryption following this pattern ‘'.id-.[].HACK' where each victim has a uniquely generated Victim ID. The next move is dropping the ransom note. Here, the HACK Ransomware authors have stayed faithful to the Dharma Ransomware model and named the note ‘RETURN FILES.txt.’ Cybercrooks often opt to use all caps when naming their ransom notes. This way, it is much less likely that the victim will somehow end up overlooking and missing the message they are trying to get across. The cyber criminals do not say what the exact sum demanded will be, but they provide an email address where they should be contacted – ‘’

If you get in touch with the attackers, they will likely attempt to trick you into giving them money by promising to give you a decryption key, which will unlock all the affected data. However, often, such shady individuals fail to deliver on their promises, and this is not at all surprising as cybercriminals are not exactly known for their honesty and straightforwardness. Instead, you should download and install an anti-spyware application and use it to clear your system of the HACK Ransomware.

Related Posts


Most Viewed