Horsedeal Ransomware

Horsedeal Ransomware Description

Malware analysts spot new ransomware threats on a daily basis. The barrier of entry, regarding data-locking Trojans, is rather low. This happens because even cybercriminals with little to no experience can create and distribute this threat. This can be mastered with the help of various ransomware building kits. One of the latest file-encrypting Trojans to emerge on the Web was named the Horsedeal Ransomware.

Propagation and Encryption

The techniques involved in the propagation of the Horsedeal Ransomware are yet to be uncovered. Some cybersecurity researchers speculate that the authors of the threat may be utilizing malvertising campaigns, bogus pirated copies of popular software tools and media, torrent trackers, mass spam email campaigns, etc. Upon infiltrating a targeted machine, the Horsedeal Ransomware will trigger a scan on all the files present on the victim's system. Next, the targeted data will undergo the encryption process of the Horsedeal Ransomware. The Horsedeal Ransomware is likely targeting a wide variety of common file types - .jpeg, .jpg, .gif, .png, .doc, .docx, .ppt, .pptx, .rar, .xls, .xlsx, .mov, .mp3, .mp4, etc. This means that the majority of the files present on the victim's computer will be locked with the help of an encryption algorithm. When the Horsedeal Ransomware locks a file, it alters its name by adding a '.horsedeal' extension at the end of its name. This means that a file named 'kitten-paw.jpeg initially will be renamed to 'kitten-paw.jpeg.horsedeal' and will no longer be executable.

The Ransom Note

The Horsedeal Ransomware drops a ransom note located in a file called '#Decryption#.txt.' In the ransom message, the attackers fail to mention a specific ransom fee. Instead, they insist on being contacted via email or ICQ. The authors of the Horsedeal Ransomware give out their contact details ‘bigbosshorse@xmpp.jp' (email address) and 'bigbosshorse' (ICQ username). It is likely that users who contact the attackers will receive instructions on how to process the payment required.

We would advise you against contacting cybercriminals. Most victims of data-locking Trojans never receive the decryption tool promised to them, even if they pay the ransom fee demanded. You should consider investing in an anti-virus software suite that will remove the Horsedeal Ransomware from your machine and ensure your safety in the future.

Do You Suspect Your PC May Be Infected with Horsedeal Ransomware & Other Threats? Scan Your PC with SpyHunter

SpyHunter is a powerful malware remediation and protection tool designed to help provide PC users with in-depth system security analysis, detection and removal of a wide range of threats like Horsedeal Ransomware as well as a one-on-one tech support service. Download SpyHunter's FREE Malware Remover
Note: SpyHunter's scanner is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware removal tool to remove the malware threats. Read more on SpyHunter. Free Remover allows you to run a one-off scan and receive, subject to a 48-hour waiting period, one remediation and removal. Free Remover subject to promotional details and Special Promotion Terms. To understand our policies, please also review our EULA, Privacy Policy and Threat Assessment Criteria. If you no longer wish to have SpyHunter installed on your computer, follow these steps to uninstall SpyHunter.

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their PC with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your PC. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.