Roghe Ransomware

The Roghe Ransomware is a type of malware that encrypts the victim's files, making them inaccessible. The Roghe Ransomware adds a file extension, '.enc,' to each encrypted file so that the victims can find out easily which files are encrypted. The Roghe Ransomware presents three different ransom notes to its victims. One as a pop-up window that will appear on the victims' screen and the second one as a text. To present its third ransom message, the Roghe Ransomware changes the victims' wallpaper and instead of their regular wallpaper the victims will see the ransom note. They do not mention the ransom amount and also do not provide email addresses that could be used to contact them. However, on the pop-up window that shows the text message they warn that victims will have '15 minutes to retrieve the key. The Installation will become inaccessible in 20 minutes.'

What the Roghe Ransomware Demands from Its Victims

The executors of the Roghe Ransomware attack instruct victims to 'scan the QR code' presented on the wallpaper message and 'follow the instructions on the Decryptor Program.' However, since dealing with criminals is a risky matter, the recommended action is not to follow their guides and instead look for alternative methods to recover the damaged files, such as using a recent backup or a free decryptor.

How the Roghe Ransomware is Distributed

There are many different variants of ransomware, each with its own unique characteristics and methods of operation. Some ransomware is delivered through malicious email attachments, while others exploit vulnerabilities in software or use social engineering strategies to trick victims into downloading and running the malware. The Roghe Ransomware is spread via torrent websites, compromised email attachments, unsafe advertisements and other popular malware-delivery methods.

It is fundamental for individuals and organizations to take steps to prevent ransomware infections, such as keeping software up-to-date, using strong passwords, and being extra careful when clicking on links or downloading attachments from unknown sources. In addition, it is recommended to have a backup system in place to restore files in case of a ransomware attack.

The message in text reads:

'Roghe Decryptor

Files will be lost in -

The OS will become inaccessible in -

Instructions:

How do i unlock my files?

Your files can be unlocked using a special key

You have 15 minutes to retrieve the key - The Installation will become inaccessible in 20 minutes

What will happen if the time runs out?

1. Your files will be deleted

2. Your Current Windows Installation will become inaccessible'

The message in the pop-up window:

'How do I unlock my files?

Your files can be unclocked using a special key.

You have 15 minutes to retrieve the key - The Installation will become inaccessible in 20 minutes.

What will happen if the time runs out?

1. Your files will be deleted

2. Your Current Windws Installation will become inaccessible

The message on the wallpaper"

'You became a victim of Roghe

Follow the instructions on the Decryptor Program

! This is an open-source malware sample, scan the QR Code for details !'