
Picocode Ransomware

Cybersecurity analysts have uncovered a new data-encrypting threat targeting unsuspecting users online. The name of this new threat is the Picocode Ransomware. This ransomware threat may have been built from scratch as it does not appear to be a variant of any of the popular file-locking Trojans known to malware researchers.

Propagation and Encryption

Many authors of ransomware threats use spam emails to spread their threatening creations. The emails in question tend to contain a macro-laced attachment and a fraudulent message that urges the user to execute the attached file. Corrupted advertisement campaigns, bogus application downloads and updates, and torrent trackers are also among the popular propagation methods used by ransomware authors. The Picocode Ransomware is designed to cause maximum damage to the compromised host, which is why it encrypts all the user’s images, audio files, documents, spreadsheets, presentations, videos, archives, databases, etc.

The Picocode Ransomware applies an encryption algorithm that locks the targeted files securely. Upon locking a file, the Picocode Ransomware also alters its filename by appending a ‘.picocode#8523’ extension. For example, a file called ‘frozen-river.jpeg’ will be renamed to ‘frozen-river.jpeg.picocode#8523.’ The extension used by the creator of this threat is their Discord handle. Discord is an instant messaging application used mainly for gaming.

The Ransom Note

In the next phase of the attack, the Picocode Ransomware will drop a ransom note on the target’s desktop. The name of the ransom note is ‘README.txt,’ and it contains the attackers’ message. The authors of the Picocode Ransomware demand $100 in Bitcoin as a ransom fee. The attackers ask their victims to contact them on Discord using their handle ‘picocode#8523.’ The creators of this data-locking Trojan promise to provide the victims who pay up with a decryption tool that will reverse the damage done to their files.
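
For responders scoping an incident, the two indicators described above (the appended extension and the README.txt note) can be turned into a quick inventory of affected files. The script below is an added example, not part of the original write-up; the function names are hypothetical and the sample directory tree is constructed for the demonstration.

```python
import os
import tempfile
from collections import Counter
from pathlib import Path

# Indicators taken from the description above.
LOCKED_SUFFIX = ".picocode#8523"
NOTE_NAME = "README.txt"


def triage(root):
    """Inventory renamed files under root.

    Returns (locked, by_type, notes): renamed path -> original name,
    a count per original file type, and README.txt paths found."""
    locked, by_type, notes = {}, Counter(), []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = Path(dirpath) / name
            if name.lower().endswith(LOCKED_SUFFIX) and len(name) > len(LOCKED_SUFFIX):
                original = name[: -len(LOCKED_SUFFIX)]
                locked[str(path)] = original
                by_type[Path(original).suffix.lower() or "(none)"] += 1
            elif name == NOTE_NAME:
                # README.txt is a common name; treat it as a lead to review,
                # not as proof of infection on its own.
                notes.append(str(path))
    return locked, by_type, notes


def build_sample_tree(root):
    """Constructed sample data: empty files that only mimic the names."""
    for rel in ("Pictures/frozen-river.jpeg.picocode#8523",
                "Documents/budget.xlsx.picocode#8523",
                "Documents/untouched.docx",
                "Desktop/README.txt"):
        p = Path(root) / rel
        p.parent.mkdir(parents=True, exist_ok=True)
        p.touch()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        locked, by_type, notes = triage(tmp)
        for path, original in sorted(locked.items()):
            print(f"locked: {path} (was {original})")
        print("by original type:", dict(by_type))
        print("possible ransom notes:", notes)
```

Point triage() at a mounted copy of the affected profile or share; the per-type counts show which backups need to be restored.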

We would advise you against trusting the word of cyber crooks. More often than not, they do not deliver on their promises even if the victim pays the demanded ransom fee. This is why you should consider obtaining a legitimate anti-virus tool that will remove this nasty Trojan from your computer for good.

