HAT Ransomware

The HAT Ransomware is a new variant of the infamous Dharma Ransomware. Cybercriminals tend to create data-lockers using the code of already existing and established file-encrypting Trojans like the Dharma Ransomware.

Propagation and Encryption

The HAT Ransomware is a threat that is likely propagated via bogus emails. These emails would either contain a fake attached file or a corrupted link. However, some cyber crooks choose to use different distribution methods. Some of the most common ones include malvertising campaigns, fraudulent social media posts, bogus application updates and downloads, torrent trackers and others. Data-lockers usually go after a wide variety of filetypes, and the HAT Ransomware is no exception. If the HAT Ransomware manages to infect your PC, it will make sure to encrypt the documents, videos, audio files, images, archives, databases, spreadsheets, and presentations that are present on your system. The files locked by the HAT Ransomware will be marked with an '.id-.[Zagrec@protonmail.com].HAT' extension. For example, a file that was named 'velvet-skin.mp originally will be renamed to 'velvet-skin.mp3.id-.[Zagrec@protonmail.com].HAT.' The HAT Ransomware will generate a new, unique ID for each victim. This allows the attackers to differentiate between the targeted users easily.

The Ransom Note

The HAT Ransomware drops a file on the user's PC once it is done encrypting the data. The file is named 'FILES ENCRYPTED.txt.' The ransom message is very brief. The HAT Ransomware creators do not mention the ransom fee, but you can rest assured that it would be a hefty sum. There are two email addresses to the user contact the attackers – ‘zagrec@protonmail.com' and ‘bitrequest@tutanota.com.'

Malware experts advise users against cooperating with cybercriminals. No one can guarantee that the decryption key you need to unlock your files will arrive. It is best to invest in a trustworthy, modern anti-malware solution that will easily detect and remove the HAT Ransomware from your computer.