SmartRansom Ransomware

The SmartRansom Ransomware is a ransomware Trojan that is targeting computer users in the Asian-Pacific. The SmartRansom Ransomware carries out a typical ransomware tactic, encrypting the victim's files and then demanding the payment of a ransom in exchange for the decryption key. PC security researchers strongly advise computer users to refrain from following the instructions and demands put forth by the SmartRansom Ransomware infection since this can lead to further problems, as well as monetary and data loss.

The Weird Message Displayed by the SmartRansom Ransomware

The SmartRansom Ransomware focuses its attacks on computer users in the Asian-Pacific, although it is not a locked region and it could spread to computers outside of this region easily. The SmartRansom Ransomware carries out a typical ransomware attack, meaning that the files that have become encrypted in the SmartRansom Ransomware attack become unusable until the victim agrees to pay the ransom. However, there is no guarantee that the people responsible for the SmartRansom Ransomware attack will follow through on their word and restore the victim's files. Victims of the SmartRansom Ransomware attack may be greeted with an image of an attractive Asian woman with very few clothes on accompanied by a ransom note contained in a text file. The following message is contained in the SmartRansom Ransomware ransom note:

'你好
你一定很想知道我是谁
我告诉你吧，我是你爹
我把你电脑里重要文件都加密了
你一定很想打我对不对
扫描屏幕上的二维码，向我付款
芫事后我会给你解密工具
记得把屏幕上方的密钥记下来哦
这样我才能帮你解密嘛'

Below is the text of the above ransom note translated into English:

'Hello
Do you know who I am?
I am your father.
Your files have been encrypted.
Scan the two-digit code on the screen.
Do not forget to write down the key on the top screen so I could give you the decryption tool.'

Once curious aspect of the SmartRansom Ransomware ransom note is that it contains a QR code that victims are instructed to scan to receive additional information about the ransom payment. Computer users shouldn't do this since it could allow additional threats entering the infected computer.

Understanding the SmartRansom Ransomware Attack

In its attack, the SmartRansom Ransomware will scan the victim's computer in search for certain file types. The following are some of the file types that are targeted in the SmartRansom Ransomware attack:

au3, .BMP, .CUR, .doc, .docx, .GIF, .ICO, .JPG, .MID, .MIDI, .pdf, .PNG, .ppt, .pptx, .prn, .psd, .rar, .txt, .WAV, .xls, .xlsx, .zip.

The SmartRansom Ransomware has been linked to two files, the SmartRansom Ransomware's executable and the file containing the image that is displayed along with the SmartRansom Ransomware ransom note:

• SmartRansom.exe
• AarI.jpg

Preventing the SmartRansom Ransomware Attacks

The SmartRansom Ransomware seems to be linked to pornographic Web pages, and it is likely that it is being distributed through these websites, typically through fake file downloads and bogus advertisements. The SmartRansom Ransomware has been linked to a large Chinese website and software company, meaning that the SmartRansom Ransomware was not developed by amateurs but by software developers. This allows the SmartRansom Ransomware to carry out a sophisticated attack capable of causing quite a lot of damage on the victims' computers. Security researchers advise computer users to protect their data by creating file backups and installing a reliable, fully up-to-date anti-malware application.