Threat Database Ransomware Pirateware Ransomware

Pirateware Ransomware

By GoldSparrow in Ransomware

The Pirateware Ransomware is a ransomware Trojan that was still under development when analyzed by PC security researchers. In its current state, the Pirateware Ransomware's encryption procedure remained unfinished. Malware analysts on online anti-virus platforms observed the Pirateware Ransomware. Con artists will often submit threats under development to these services as a way of testing whether they are capable of bypassing detection by established security services. It is likely that a novice programmer has created the Pirateware Ransomware instead of it being the product of a highly-sophisticated group. The Pirateware Ransomware is poorly coded, its network settings are null, and its interface is still unworkable due to a large number of bugs.

Modern-Day Pirates Attacking Computers

It is clear that the Pirateware Ransomware is modeled after various well-known encryption ransomware Trojans, with large portions of its code copied from these threats. It is clear that the Pirateware Ransomware is meant to use the AES 256 and RSA 2048 encryptions to make the victims' data unusable. However, the Pirateware Ransomware is not functional in its current state. The Pirateware Ransomware communicates with a Command and Control server to receive instructions and relay information about the encryption process. The Pirateware Ransomware uses a ransom note that includes a picture of the Jolly Roger pirate flag. This ransom note is designed to demand the payment of a ransom from the victim.

The Pirateware Ransomware’s Ransom Demand

PC security analysts have associated a ransom note replete of typos with the Pirateware Ransomware attack. The full text of the Pirateware Ransomware ransom note reads:

'What happend to my computer?
Your personal documents and files on this computer have just been encrypted.
The original files have been deleted and will only be recovered by following the steps described below.
The encryption as done with a unique generated encryption key (using AES-256 and RSA-2048).
This means the enciypted files are of no use until they get decrypted using a key stored on a secret server.
The server will only release the key if the amount of Bitcoins displayed is payed.
How to get your hands on a key:
1. Create your own Bitcoin wallet and convert money into Bitcoins.
2. After you have sent the Bitcoins from your own Bitcoin adress type it into contact for adresses.
3. Go under Message and type i have bought a key and would like to receive it and then click "Submit Message"
4. After we have confirmed your purchase and you have gotten you key paste it into the key box and click "start decryption".
Every third day the prices -Anil increase by 0.1 bitcoin. so if you wait three days to pay it will be 0.2 bitcoins.
*Remember the rule or you wont get your key!*
Price for key: 0.1 Bitcoins
Send Bitcoins to this adress
34tfAnJsTbhJNCLnyurvPeTpqgGzobHLhL
Pirateware
Any attempt to corrupt or remove this software will result in immediate elimination of private key by the server.'

The Pirateware Ransomware’s Current Incomplete State

Although the Pirateware Ransomware is still incomplete, the BitCoin wallet associated with the Pirateware Ransomware is active currently. Victims are prompted to pay 0.1 BTC (approximately $240 USD at the current exchange rate). However, PC users should refrain from paying the Pirateware Ransomware ransom, regardless of whether the Pirateware Ransomware is complete or not. Paying these ransoms allows con artists to create additional ransomware Trojans and it almost never results in the full recovery of the affected files. Additionally, victims that pay these ransoms may be targeted for reinfection, additional threats and other tactics. The Pirateware Ransomware is unable to carry out its attack currently, merely displaying a ransom note on the victim's computer but not following through on encrypting the victim's files. Either out of incompetence or because it is unfinished, the Pirateware Ransomware's encryption does not work.

Trending

Most Viewed

Loading...