Hande Hoch 'Hands up' Ransomware

ESG malware analysts have detected an ongoing business transaction through which the creators of the Hande Hoch 'Hands up' Ransomware family are attempting to expand the reach of their malicious Winlockers. They are attempting to do this through affiliate marketing techniques. Affiliate marketing, as applied to legitimate business ventures, will usually entail getting people to attract customers to your business by giving them a certain percentage of the purchases made by these customers. In fact, malware is no different. The criminals behind the 'Hands Up' Ransomware family have started to publicize a bot that is designed to allow other hackers to infect various computers with the 'Hands Up' Ransomware. They are paying roughly one euro for every computer that is effectively infected with this dangerous Winlocker. In turn, they stand to profit anywhere from fifty to one hundred euros from each infected computer, which makes this a profitable illegal business. However, make no mistake about it, distributing malware such as the 'Hands Up' Ransomware is against the law and harshly punished by the courts. Also, criminals engaging in these types of practices seldom get away with it. One of the characteristics inherent in computer crime is that there will usually be a way for PC security researchers to track a criminal's activity and location as well as producing solid evidence, which may lead to a conviction.

An Overview of Malware Belonging to the 'Hands Up' Ransomware Family

Most of the malware belonging to the 'Hands Up' Ransomware has the same characteristics. Typically, these kinds of malware are Winlockers, infections designed to prevent a computer user from gaining access to their own desktop and operating system. Typically, most malware belonging to the 'Hands Up' Ransomware family will display a message supposedly coming from the victim's country's law enforcement agency. This message will claim that the victim has been using the infected computer for illegal purposes, for which the computer was frozen until a one-hundred fine is paid. Another scam associated with the 'Hands Up' Ransomware family include messages claiming that the victim's version of Windows is illegal and that Microsoft has frozen the victim's computer until a fine is paid. Basically, this ransomware's Winlocker will freeze the victim's computer and display a message. Each criminal can change this message to suit his particular needs. All malware in the 'Hands Up' Ransomware family has in common that payment is usually carried out through uKash safecards, a European money transfer service.