Computer Security Updated Shade Ransomware Launches Malware to Customize...

Updated Shade Ransomware Launches Malware to Customize Ransom Amounts Based on Victim's Finances

shade ransomware malware ransom victims financesRansomware authors appear to be working overtime in an attempt to grant themselves the highest payday possible. To make such a task a reality, the creators of Shade Ransomware are actively seeking computer users who have greater financial means only to demand higher ransom fees than others without the proper means.

Shade ransomware has been recently updated, according to researchers at Kaspersky Lab. Through their research, the latest version of Shade is evading its file encryption activities only to download malware that installs and connects to a command & control (C&C) server only to examine details about a victimized computer user to discover how much money they can access. The new features of Shade are to allow its authors to extort as much money as they can from victimized computer users by look for accounting data to verify high dollar accounts or access to large amounts of money.

Shade Ransomware is a threat that came to the limelight back in September of 2015, known for being aggressively distributed through spam messages and exploit kit campaigns. Like other encryption type ransomware, Shade Ransomware is in the mix of combining aggressive file encryption and money extortion techniques. Now, Shade Ransomware has evolved to primarily target those who potentially have money to spend.

In a perfect world, hackers would only attack computer users who, for all intents and purposes, make decent money. In doing so, it would reduce the hassle and time lost when taxing computer users who do not have money to pay substantial ransom fees demanded by recent encryption type ransomware. In the case of Shade Ransomware, the latest version has several layers of infection where it can download specialized malware that initially skips file encryption actions in place of downloading and installing malware that finds out how much money a victimized computer user has.

Malware downloaded to infected systems by Shade Ransomware will target computer users who are more inclined to pay a higher ransom fee. When the malware discovers such, it will then encrypt files and immediately raise the ransom fee to a much higher amount.

The latest version of Shade Ransomware is like no other. Once the Shade Ransomware's malware finds out how much money victims can afford, the attackers behind the scheme can command the ransomware to demand a customized ransom amount. In doing such, it increases the likelihood that a victimized computer user will pay up, essentially granting the perpetrators a higher payday instead of settling on the smaller $50 or $100 ransom fees. We're talking about thousands of dollars per instance if the Shade Ransomware scheme pans out the way that its authors plan.

The older variation of Shade Ransowmare, without the ability to download additional malware, has had the proper decryption keys available through many sources over the Internet. However, the latest variant may or may not allow the use of the older decryptor. In any condition, computer users are urged to back up their system and make the backup readily available in the rare case of infection by the latest version of Shade Ransomware. If not, Shade looks to take its next victims literally to the bank for all that they are worth.