Threat Database Ransomware WSHLP Ransomware

WSHLP Ransomware

By GoldSparrow in Ransomware

WSHLP is a ransomware infection that encrypts files on the victim's computer and tries to extort money in exchange for a decryption key. The WSHLP Ransomware belongs to the Dharma Ransomware family and spreads through infected e-mail attachments that exploit social engineering techniques. In some cases, cybercriminals take advantage of vulnerabilities in the operating system and install ransomware threats like the WSHLP Ransomware on target computers manually.

When the WSHLP Ransomware enters the system, it searches for certain file types and then encrypts the suitable matches with a strong encryption algorithm. The targeted files contain valuable information of the user, like images, videos and documents. As soon as encryption is complete, the WSHLP Ransomware displays a pop-up message on the user's screen with all the instructions on how to contact the attackers at the e-mail address The ransom note also is contained in a text file named "FILES ENCRYPTED.txt."

The WSHLP Ransomware appends the extension ".[].WSHLP" to encrypted files, while the ransom amount is $500 in BTC. Malware experts do not recommend communicating with ransomware operators or paying the required amount, as they usually never send a valid decryption tool. In most cases, the data locked by a ransomware infection can only be recovered from backups.


Most Viewed