jHEAc Ransomware
The jHEAc Ransomware is a new data-locker, which targets regular users online. The jHEAc Ransomware does not seem to belong to any of the popular ransomware families. File-encrypting Trojans like the jHEAc Ransomware can cause a lot of damage to a system, as they lock all the data present with a secure encryption algorithm. Users who fall victim to ransomware threats are usually asked to pay a hefty sum to get a decryption key that is meant to reverse the damage done to their files.
Propagation and Encryption
Security experts are yet to pinpoint the exact infection vectors used in the distribution of the jHEAc Ransomware. There are several, popular propagation methods that may be involved in the spreading of the jHEAc Ransomware:
- Bogus pirated copies of popular applications.
- Malvertising campaigns.
- Fake social media pages and posts.
- Torrent trackers.
- Phishing emails that contain corrupted links or macro-laced attachments.
When the jHEAc Ransomware infects your computer, it will begin encrypting your files. It is likely that the jHEAc Ransomware goes after all file types – documents, videos, audio files, images, spreadsheets, archives, presentations, databases, etc. The jHEAc Ransomware uses an encryption algorithm to lock the files securely. The names of all the locked files will be altered after the encryption process has been completed. The jHEAc Ransomware adds a '.jHEAc' extension to the names of all the affected files. For example, if you had named a file 'shiny-teeth.mov,' the jHEAc Ransomware will rename it to 'shiny-teeth.mov.jHEAc.'
The Ransom Note
Next, the file-locking Trojan will drop a ransom note named 'JHEAC-HOW-TO-FIX.txt.' Most creators of ransomware threats prefer communication via email, but the attackers demand to be contacted via the Licky.org social media platform. For users who fail to create a profile on Licky.org, the creators of the jHEAc Ransomware offer an email address ‘hacker47817628648971@airmail.cc.'
There is no point in attempting to cooperate with the authors of the jHEAc Ransomware, as they may not send you the software with the decryption key even if you pay them. Make sure you remove the jHEAc Ransomware from your PC with a trustworthy, up-to-date anti-spyware application.
