VHD Ransomware Description
The VHD Ransomware is a new Trojan that targets regular users and encrypts all the files present on their systems. Data-encrypting Trojans, like the VHD Ransomware, are among the worst threats one can end up having to deal with. A ransomware threat compromises your system, locates your data, encrypts all your files, and demands cash in exchange for a tool that would help you recover the lost data.
Propagation and Encryption
The creators of the VHD Ransomware may be using spam emails to spread this Trojan. Targeted users would receive a carefully crafted email that tries to trick them into launching the file attached to the fake message. If the user opens the attachment to review it, they will allow the VHD Ransomware to infect their computer. Torrent trackers, malvertising campaigns, and bogus software updates and downloads are among the other infection vectors commonly used by ransomware threats.

The VHD Ransomware is likely targeting a very long list of filetypes that would be locked once it manages to infiltrate the targeted PC. This means that if the VHD Ransomware infects your system, it will make sure to encrypt all your images, documents, audio files, spreadsheets, videos, presentations, archives, databases, etc. This is done via an encryption algorithm. When the VHD Ransomware encrypts a file, it will also change its name by adding a ‘.VHD’ extension to it. This means that a file, which was originally named ‘sunset-street.png’, will be renamed to ‘sunset-street.png.VHD’ after the VHD Ransomware completes its encryption process.
The Ransom Note
Just like most ransomware threats, the VHD Ransomware will drop a ransom note on the victim’s system. The message from the authors of the VHD Ransomware can be found in a file called ‘HowToDecrypt.txt’. In the note, the attackers state that they have encrypted all the data on the user’s system and that the only way to recover it is to purchase a decryption key from them. The creators of the VHD Ransomware do not state the amount of the ransom, but they claim that the sooner one contacts them, the lower the price will be. The victim can contact the attackers via two email addresses: ‘firstname.lastname@example.org’ and ‘email@example.com’.
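The two on-disk indicators described above (the appended ‘.VHD’ extension and the ‘HowToDecrypt.txt’ note) can be checked with a short triage script. This is an added example, not code from the original article; the function names, the case-insensitive matching and the double-extension heuristic are assumptions. The heuristic is there because ‘.vhd’ is also the extension of legitimate virtual hard disk images, so a bare ‘disk.vhd’ is reported separately from a renamed file that still carries its original extension.

```python
import os
import tempfile
from pathlib import Path

RANSOM_NOTE = "howtodecrypt.txt"  # note name from this page, lower-cased (assumed case-insensitive)
LOCKED_EXT = ".vhd"               # appended extension from this page, lower-cased

def classify(name):
    """Return 'note', 'locked', 'vhd-only' or None for one file name."""
    if name.lower() == RANSOM_NOTE:
        return "note"
    path = Path(name)
    if path.suffix.lower() != LOCKED_EXT:
        return None
    # Heuristic: a renamed file keeps its original extension ('x.png.VHD').
    # A bare 'disk.vhd' is more likely a legitimate virtual hard disk image.
    return "locked" if Path(path.stem).suffix else "vhd-only"

def scan(root):
    """Walk root and return {directory: {kind: [file names]}} for every hit."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        hits = {"note": [], "locked": [], "vhd-only": []}
        for name in sorted(files):
            kind = classify(name)
            if kind:
                hits[kind].append(name)
        if any(hits.values()):
            report[dirpath] = hits
    return report

def high_confidence(hits):
    """Note plus renamed files in one directory is the strongest signal."""
    return bool(hits["note"] and hits["locked"])

def demo():
    """Scan a constructed sample tree (empty files, names only)."""
    with tempfile.TemporaryDirectory() as tmp:
        for rel in ("docs/sunset-street.png.VHD", "docs/budget.xlsx.VHD",
                    "docs/HowToDecrypt.txt", "vm/disk.vhd", "vm/readme.md"):
            target = Path(tmp, rel)
            target.parent.mkdir(parents=True, exist_ok=True)
            target.touch()
        return {Path(d).name: h for d, h in scan(tmp).items()}

if __name__ == "__main__":
    for directory, hits in demo().items():
        print(directory, "HIGH" if high_confidence(hits) else "review", hits)
```

Directories reported as "review" contain only bare ‘.vhd’ files or a lone note and need a manual look before being treated as affected.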
It is best to stay clear of cyber crooks. Their claims are not to be trusted, as they rarely keep their promises. If you want to remove the VHD Ransomware from your computer, you should use a reputable anti-virus solution.