Willow Ransomware DescriptionType: Ransomware
The Willow Ransomware threat is a new potent malware uncovered by infosec researchers. The threat operates as typical ransomware - it aims to lock the files of its victims through a strong encryption algorithm. The targeted file types will become inaccessible, and victims will no longer be able to use their documents, databases, archives, photos, images, etc. The hackers responsible for deploying the threat will then extort the affected users for money to help restore access to the locked data.
As part of its nefarious functionality, the Willow Ransomware changes the names of the encrypted files by appending '.willow' as a new extension. To make sure that the affected users see the instructions of the hackers, the threat delivers two ransom notes with nearly identical messages. The first one will be displayed in an image that will replace the current desktop background. The second note will be contained inside a newly-created text file named 'READMEPLEASE.txt.'
Ransom Note's Details
The two notes have very minor differences in the text but all of the important details are the same. The hackers want to be paid a ransom of exactly $500. However, victims must send the money using the Bitcoin cryptocurrency to the provided crypto-wallet address. At the current Bitcoin exchange rate, the ransom stands at 0.1473766 BTC. Keep in mind that Bitcoin is volatile inherently and its valuation can change rapidly. The Willow Ransomware hackers warn that if their demands are not fulfilled, the encrypted files will be deleted and users will lose their data completely.
The full text of the message found inside the 'READMEPLEASE.txt' file is:
'Hello lad. I, Willow Wolf, encrypted your files yet again.
But as I'm good now, I done it because I think you are an threat to The Silver Paw
and The Safe Place. Most of your files are encrypted.
Pay me $500 in some way. If not - I'm sorry, you'll lose your files, and any
decryptor key is totally useless.
Amount: 0.1473766 BTC
Screenshots & Other Imagery
SpyHunter Detects & Remove Willow Ransomware
File System Details
|#||File Name||MD5||Detection Count|
This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.