UpdateDecrypter Ransomware Description
The UpdateDecrypter Ransomware is a malware threat that possesses features of both ransomware and screen locker. When the UpdateDecrypter manages to infiltrate a computer successfully, it generates a pop-up window that acts as a screen locker immediately. The messages displayed on the screen seem to be a Windows Update with progress measured in percentages in an attempt to fool the users. At the same time, in the background, the malware proceeds to encrypt nearly all of the files present on the system. When the encryption process is completed, UpdateDecrypter reboots the system.
All of the encrypted files will have '.crypt' appended to their original filenames as a new extension. UpdateDecrypted delivers its ransom note with instructions in the form of an image that it uses to replace the default desktop background. Due to the instructions being written in Koreanentirely with no translations into other languages, it appears that UpdateDecrypter is designed to focus on South Korean users.
Fortunately for any victims of this particular threat, they will not have to pay even a dime for the restoration of their locked files, as the UpdateDecrypter Ransomware can be decrypted. The threat asks for a password that will be provided to the victims only after paying the ransom to the criminals. However, users can bypass this step and use 'password' as the required password.