Threat Database Ransomware Master Ransomware

Master Ransomware

By GoldSparrow in Ransomware

Threat Scorecard

Threat Level: 100 % (High)
Infected Computers: 40
First Seen: May 31, 2017
Last Seen: November 4, 2019
OS(es) Affected: Windows

The Master Ransomware is a variant of a famous ransomware family known as BTCWare. Like other ransomware Trojans, the Master Ransomware is designed to encrypt the victims' files and then request the payment of a sum in exchange for the decryption key necessary to recover the affected files. Victims of the Master Ransomware attack will see a ransom note explaining the situation and demanding that the victim pays a ransom amount using BitCoins. Encryption ransomware Trojans like the Master Ransomware are among the most widely disseminated ransomware Trojans and pose a real danger to computer users. PC security investigators advise computer users to take steps to protect their files and computers from the Master Ransomware and similar threats.

The Master of Extortion

Computer users must refrain from paying the Master Ransomware ransom or contacting the Master Ransomware's creators since there is nothing that can guarantee that they will restore the victim's files and, furthermore, the payment of these ransoms allows the con artists to continue developing these threat attacks. PC security researchers instead advise computer users to take steps to protect their files using file backups and a reliable security program that is fully up-to-date.

The Master Ransomware attack itself is a typical example of these tactics. The Master Ransomware uses a strong encryption algorithm to make the victim's files completely inaccessible. The Master Ransomware will mark the files encrypted with the file extension '.master,' although some variants of this file extension that have been observed in attacks include '[BM-NBM1DiE52wgzUUnzcRPwjMjPEcV4qfpr@bitmessage.ch].master,' '.help@onyon.info].master' and '.[niga@westcost.xyz].master.' Apart from encrypting the victim's files, the Master Ransomware will drop an INF file on the infected computer's desktop. This file contains the Master Ransomware's ransom note and is named '!#_RESTORE_FILES_#!.inf'. Below is the full text of the Master Ransomware's ransom note:

'[WHAT HAPPENED]
Your important files produced on this computer have been encrypted due to a security problem
If you want to restore them, write us to the email: BM-NBM1DiE52wgzUUnzcRPwjMjPEcV4qfpr@bitmessage.ch or makedonskiy@gmx.com
You have to pay for decryption in Bitcoins. The price depends on how fast you write to us.'

Preventing the Invasion of the Master Ransomware and Similar Threats

The best protection against ransomware Trojans is file backups since it gives computer users the ability to recover their files from the backup, rather than having to pay the ransom to recover the affected files. It makes the ransomware tactic completely ineffective effectively since the people responsible for the Master Ransomware attack lose any power they have over the victim. Although it is not possible to recover files encrypted by the Master Ransomware currently, in the past, it has been possible to develop decryption programs that have helped computer users recover from attacks very similar to the Master Ransomware and even closely related to its threat family. Because of this, it is possible that a recovery method for the Master Ransomware may be released over time by malware researchers.

SpyHunter Detects & Remove Master Ransomware

File System Details

Master Ransomware may create the following file(s):
# File Name MD5 Detections
1. name.exe 5940d1ee535b763b8affa8df6daca100 0

Registry Details

Master Ransomware may create the following registry entry or registry entries:
Regexp file mask
%APPDATA%\!#_RESTORE_FILES_#!.inf

Related Posts

Trending

Most Viewed

Loading...