Threat Database Ransomware Morseop Ransomware

Morseop Ransomware

By GoldSparrow in Ransomware

The Morseop Ransomware is a crypto locker that is a bit more sophisticated than the average ransomware malware. According to cybersecurity experts, Morseop can be categorized as a newer version or a variant of the SFile Ransomware due to the striking similarities between the two threats. Unfortunately for the victims, Morseop combines several cryptographic algorithms for file encryption using SHA-512, AES-256 and RSA-2048. This means that the restoration of the locked files is impossible without the appropriate key practically or unless some major bug is discovered in the coding of the Ransomware.

Every file encrypted by the Morseop Ransomware successfully will have its original filename changed to include '.morseop-[random-string]' as a new extension. The ransom note from the criminals is dropped in a file named 'how restore hurt documents.inf.'

While the note doesn't mention a specific sum, it states that when the exact price is communicated to the victim, it should be paid in Bitcoin. To demonstrate their ability to decrypt the user's files, the hackers offer to restore up to 3 files for free. Two email addresses are provided for contact - '' and ''

Some ransomware threats, and most likely the Morseop Ransomware, as well, have the ability to delete the Shadow Volume Copies generated by the Windows OS. This leaves users with little recovery options unless a backup was created before the malware infection is available.


Most Viewed