The Newht Ransomware is a ransomware Trojan that is a variant of Hidden Tear, which may be apparent from its name, which may be short for 'New Hidden Tear.' Hidden Tear is an open-source ransomware platform that was released to the public originally for educational purposes (supposedly). Since its original release, Hidden Tear has spawned countless variants, due to the easy access to ransomware code that this release allowed to anyone interested in carrying out this kind of hoax. The Newht Ransomware is very similar to most Hidden Tear variants and, due to the rising popularity of these tactics, PC security researchers strongly advise computer users to take preventive measures to ensure the safety of their data.
There's Nothing New on the Newht Ransomware Modus Operandi
The Newht Ransomware can be delivered in a wide variety of ways, which may include exploit kits, hacking into victims' computers directly, or corrupted email and instant messaging links and attachments. The most likely way in which the Newht Ransomware is distributed is through corrupted spam email attachments since this seems to be the preferred method for the majority of newly released ransomware Trojans. The Newht Ransomware uses a ransom note written in English and carries out a typical ransomware strike, encrypting the victim's files with a strong encryption method and then demanding that the victim pays a costly fee to recover the affected files.
How the Newht Ransomware may Infect a Computer
After the Newht Ransomware manages to infiltrate a computer (usually after the victim opens a corrupted email spam attachment), the Newht Ransomware will begin encrypting the victim's data. The files encrypted by the Newht Ransomware will be marked with the file attachment '.htrs,' which makes it simple to know which files have been affected by the attack. The Newht Ransomware will target user-generated files, which may include images, music, video, and files generated with software such as Microsoft Office, Libre Office and Adobe Photoshop. The Newht Ransomware demands the payment of a ransom of 0.5 BitCoin, approximate $500 USD at the current exchange rate.
To encrypt the victim's files, the Newht Ransomware uses a combination of the AES and RSA encryptions, making it impossible to recover files encrypted in this way. The Newht Ransomware demands the ransom payment by delivering a ransom note that may take the form of a file dropped on the victim's computer containing information on the nature of the attack and how to pay the ransom amount. Malware analysts strongly advise computer users to ignore all ransom demands and instructions contained in the Newht Ransomware's ransom note.
Dealing with the Newht Ransomware and Other Ransomware Trojans
Like most ransomware Trojans being used currently, there are no decryption programs that have been proven to be effective in restoring files encrypted by the Newht Ransomware. However, computer users are welcome to try to use decryption utilities released for previous Hidden Tear variants, although it is unlikely that the computer user will be able to decrypt the affected files without paying the ransom amount. PC security researchers, though, strongly advise against paying the ransom amount since it allows these con artists to continue developing these threats and does not guarantee that the files will be decrypted or the victim's computer will not be reinfected in the future.
The best measure for limiting the damage associated with the Newht Ransomware and other ransomware variants is to backup all of your files on an external memory device. If the computer user can recover the affected files by deleting them and then restoring the data from a backup copy, then the people responsible for the Newht Ransomware attack will lose any power they have over the victim, which would allow them to demand a ransom payment. Apart from having file backups, PC security analysts advise the use of a reliable anti-malware application.