Horsedeal Ransomware Description
Malware analysts spot new ransomware threats on a daily basis. The barrier of entry, regarding data-locking Trojans, is rather low. This happens because even cybercriminals with little to no experience can create and distribute this threat. This can be mastered with the help of various ransomware building kits. One of the latest file-encrypting Trojans to emerge on the Web was named the Horsedeal Ransomware.
Propagation and Encryption
The techniques involved in the propagation of the Horsedeal Ransomware are yet to be uncovered. Some cybersecurity researchers speculate that the authors of the threat may be utilizing malvertising campaigns, bogus pirated copies of popular software tools and media, torrent trackers, mass spam email campaigns, etc. Upon infiltrating a targeted machine, the Horsedeal Ransomware will trigger a scan on all the files present on the victim's system. Next, the targeted data will undergo the encryption process of the Horsedeal Ransomware. The Horsedeal Ransomware is likely targeting a wide variety of common file types - .jpeg, .jpg, .gif, .png, .doc, .docx, .ppt, .pptx, .rar, .xls, .xlsx, .mov, .mp3, .mp4, etc. This means that the majority of the files present on the victim's computer will be locked with the help of an encryption algorithm. When the Horsedeal Ransomware locks a file, it alters its name by adding a '.horsedeal' extension at the end of its name. This means that a file named 'kitten-paw.jpeg initially will be renamed to 'kitten-paw.jpeg.horsedeal' and will no longer be executable.
The Ransom Note
The Horsedeal Ransomware drops a ransom note located in a file called '#Decryption#.txt.' In the ransom message, the attackers fail to mention a specific ransom fee. Instead, they insist on being contacted via email or ICQ. The authors of the Horsedeal Ransomware give out their contact details ‘firstname.lastname@example.org' (email address) and 'bigbosshorse' (ICQ username). It is likely that users who contact the attackers will receive instructions on how to process the payment required.
We would advise you against contacting cybercriminals. Most victims of data-locking Trojans never receive the decryption tool promised to them, even if they pay the ransom fee demanded. You should consider investing in an anti-virus software suite that will remove the Horsedeal Ransomware from your machine and ensure your safety in the future.
Do You Suspect Your PC May Be Infected with Horsedeal Ransomware & Other Threats? Scan Your PC with SpyHunterSpyHunter is a powerful malware remediation and protection tool designed to help provide PC users with in-depth system security analysis, detection and removal of a wide range of threats like Horsedeal Ransomware as well as a one-on-one tech support service. Download SpyHunter's FREE Malware Remover
This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your PC. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.