Pump Ransomware Description
The Pump Ransomware is a potent ransomware threat that has not been associated with any of the pre-existing ransomware families. Although this makes the Pump Ransomware fairly unique, the threat still follows the usual ransomware behavior. It attempts to infiltrate the targeted computer system, uses a powerful encryption algorithm to lock the files saved on it, and then demands a ransom for the potential restoration of the data.
When the Pump Ransomware encrypts a file, it appends a new file extension, '.pump', to the original filename. At the conclusion of the encryption process, the threat drops its ransom note. The hackers' instructions are delivered as text files named 'README.txt', which are placed in every folder containing encrypted data.
The ransom note itself fails to provide any meaningful information for users affected by the Pump Ransomware. It simply states that victims should initiate contact by sending a message to the 'email@example.com' email address. The hackers have also included a sentence meant to push their victims into paying the unspecified ransom: it claims that sensitive private data was taken from the compromised computer system prior to the encryption of the files.
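A triage sketch built on the indicators described above, added here as an example and not taken from any vendor tool: it walks a directory tree, reports every folder holding '.pump' files, and flags whether a 'README.txt' containing the opening words of the note quoted on this page sits beside them. The function names and the sample tree are constructed for illustration.

```python
import os
import tempfile

ENCRYPTED_SUFFIX = ".pump"   # extension named on this page
NOTE_NAME = "readme.txt"     # note filename named on this page, lower-cased for comparison
NOTE_MARKER = "YOUR NETWORK HAS BEEN HACKED"  # opening words of the note as quoted on this page

def note_matches(path):
    """True if the first 4 KiB of the file contain the note's opening words."""
    try:
        with open(path, "r", encoding="utf-8", errors="replace") as fh:
            return NOTE_MARKER in fh.read(4096).upper()
    except OSError:
        return False  # unreadable file: treat as no match rather than abort the scan

def scan(root):
    """Map each folder holding .pump files to its file count and note status."""
    hits = {}
    for dirpath, _dirs, files in os.walk(root):
        encrypted = [f for f in files if f.lower().endswith(ENCRYPTED_SUFFIX)]
        if not encrypted:
            continue  # README.txt alone is far too common to count as a hit
        note = any(f.lower() == NOTE_NAME and note_matches(os.path.join(dirpath, f))
                   for f in files)
        hits[dirpath] = {"encrypted": len(encrypted), "note": note}
    return hits

def build_sample_tree(root):
    """Constructed sample data: one affected folder, one clean folder."""
    hit = os.path.join(root, "share", "finance")
    clean = os.path.join(root, "share", "docs")
    os.makedirs(hit)
    os.makedirs(clean)
    for name in ("q1.xlsx.pump", "q2.xlsx.pump"):
        with open(os.path.join(hit, name), "wb") as fh:
            fh.write(b"\x00" * 16)
    with open(os.path.join(hit, "README.txt"), "w") as fh:
        fh.write(NOTE_MARKER + " AND ALL DATA IS ENCRYPTED\n")
    with open(os.path.join(clean, "README.txt"), "w") as fh:
        fh.write("Project documentation\n")  # benign README, must not be reported
    return hit, clean

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for folder, info in sorted(scan(tmp).items()):
            print(folder, info)
```

A folder that holds '.pump' files but reports `note: False` is still worth reviewing, since the note may have been deleted or quarantined after the fact.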
The entire text of the ransom note found in the 'README.txt' files is:
'YOUR NETWORK HAS BEEN HACKED AND ALL DATA IS ENCRYPTED
Also a lot of sensitive data has been downloaded from your network