Usam Ransomware

More and more low-level cyber crooks opt to create and distribute ransomware threats to generate some quick cash. Ransomware building kits have allowed even inexperienced conmen to set up data-lockers, a threat that would, otherwise, be rather complex to build from scratch. One of the latest examples of this is the Usam Ransomware. This Trojan is a variant of the notorious STOP Ransomware.

Propagation and Encryption

The Usam Ransomware is a threat that is likely to target many different filetypes to ensure maximum damage. This file-locker will likely go after images, videos, documents, spreadsheets, presentations, audio files, databases, archives and many other filetypes. The goal of the Usam Ransomware is to lock the users’ data and then blackmail them into paying a ransom fee to receive a decryptor, which is meant to reverse the damage done to their data. The Usam Ransomware uses an encryption algorithm to lock the targeted files. The newly locked files would have their names changed because this data-lockers adds a ‘.usam’ extension. For example, a file that was called ‘vermillion-sky.mov’ originally will be renamed to ‘vermillion-sky.mov.usam’ when the encryption process is completed. It is not known how the Usam Ransomware is being distributed exactly. Experts believe that the con-artists behind the Usam Ransomware may be using phishing emails, malvertising operations, torrent trackers, fake social media campaigns, bogus software updates, etc.

The Ransom Note

The Usam Ransomware drops a ransom message on the infected host. The name of the file that contains the conmen’s message is ‘_readme.txt.’ In the ransom note, there are several key points:

• The ransom fee is $980.
• If you contact the attackers within 72 hours, you will receive a 50% discount, and the fee would be dropped to $490.
• The attackers’ email address is ‘helpmanager@mail.ch.’
• The hackers are willing to unlock one file for free.

We would advise you against cooperating with cyber crooks. They may not provide you with a decryption tool even if you follow all of their instructions. It is advisable to install a reputable, modern anti-virus solution that will locate and eliminate the Usam Ransomware from your system.