Threat Database Ransomware .PLEASE_CONTACT_1398456099@qq_com' Ransomware

.PLEASE_CONTACT_1398456099@qq_com' Ransomware

By GoldSparrow in Ransomware

Recently, malware researchers came across a new and rather peculiar ransomware threat. It is called '.PLEASE_CONTACT_1398456099@qq_com' Ransomware and does not appear to belong to any of the popular ransomware families. It is speculated that the author is a Chinese high-school student, but this has not been confirmed.

It is not uncovered with certainty what the propagation method of this file-locking Trojan is, but it is very likely that the creator has been spreading this threat via pirated software, mass spam email campaigns and faux updates. When the '.PLEASE_CONTACT_1398456099@qq_com' Ransomware penetrates a system it initiates a scan immediately. This is done to locate all the file types, which this data-encrypting Trojan is programmed to go after. Usually, to achieve maximum damage, the files targeted are the most popular file types that any users will have on their computers such as .jpeg, .png, .gif, .ppt, .doc, .mp3, .mov, etc. After going through the encryption of the '.PLEASE_CONTACT_1398456099@qq_com' Ransomware, the data affected will have an additional extension - '.PLEASE_CONTACT_1398456099@qq_com'. Instead of dropping a ransom note in a text file as most ransomware threats do, the '.PLEASE_CONTACT_1398456099@qq_com' Ransomware presents the victim with a pop-up window containing the ransom message. The text is available in English, German, Chinese and Japanese. The headline reads 'Ooops, your homework has been encrypted!' The attacker claims that you will not be able to retrieve your files unless you pay them. Then, they state that the ransom fee will be increased periodically. On a somewhat ironic note, the text states (in broken English) that 'even if God comes' you will not be able to reclaim your data for free. The author of the '.PLEASE_CONTACT_1398456099@qq_com' Ransomware also claims that all the data will be deleted permanently a week after the attack unless the victim pays up.

We recommend you not to give in to the demands of cybercriminals. A much safer approach would be to download and install a reputable anti-malware suite and utilize it in wiping the '.PLEASE_CONTACT_1398456099@qq_com' Ransomware off your system.

Trending

Most Viewed

Loading...