ABC Ransomware

Posted: November 16, 2017

Threat Metric

The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to give every identifiable malware threat. Our Threat Meter includes several criteria based off of specific malware threats to value their severity, reach and volume. The Threat Meter is able to give you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count, Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic breakdown of how all threats are ranked within our own extensive malware database. The scoring for each specific malware threat can be easily compared to other emerging threats to draw a contrast in its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to remove a threat or pursue additional analytical research for all types of computer users.

The following fields listed on the Threat Meter containing a specific value, are explained in detail below:

Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.

Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.

Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.

Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.

% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.

Threat Level:	2/10
Infected PCs:	37

First Seen:	June 11, 2021
Last Seen:	October 19, 2022
OS(es) Affected:	Windows

The operators of the Globe Imposter Ransomware continue to release different variations of their file locker, and it seems that they might soon become more popular than the threat they are copying – Globe Ransomware. The new strain of the Globe Imposter is titled the ABC Ransomware, and it uses the same attack methods that all previous variants use so that there's no change in this department. The threat works by penetrating the computer's defenses, and then executing a file-encryption task silently, whose purpose is to leave the victim with a large number of documents, images, songs, videos, and other files that can't be accessed.

It is probable that the operators of the ABC Ransomware will spread their threatening program with the assistance of spam e-mails, fake downloads, pirated software, and other shady threat propagation channels. Naturally, the best defense against threats like the ABC Ransomware is to use an up-to-date anti-virus software suite that will detect and stop unsafe programs before they get a chance to cause any damage. Unfortunately, users whose PCs are not protected sufficiently might fall victims to the ABC Ransomware's attack easily. When this crypto-threat is launched, it will initiate a background process, which takes care of the file encryption process. As mentioned above, the ABC Ransomware targets a long list of file formats so that victims of this threat are likely to end up having a hard drive full of inaccessible files. The ABC Ransomware will detect a unique 8-character identifier for all the infected computers, and then append it to the names of the locked files.

The ransom note is delivered as soon as the last file is encrypted, and victims will find it in the 'READ_IT.html' file. The message does not contain much information as it simply tells victims that they will need to pay to get their files back. The authors of the ABC Ransomware offer to decrypt one file free of charge, and they urge users to visit a TOR-based website where they will learn how to complete the ransom payment via a Bitcoin transaction.

You can rest assured that sending money to cybercrooks is one of the easiest ways to get tricked, and that's why we always advise our readers to disregard the instructions of ransomware operators. Paying the sum that the ABC Ransomware's authors demand does not guarantee a positive outcome. Instead of trusting anonymous cybercrooks, you should proceed to run a credible anti-malware scanner that will help you eliminate the file-encryption Trojan's files and other components. Unfortunately, the Globe Imposter Ransomware and its variants have not yet been decrypted so that the only reliable way to get your files back is through a recent backup. If one is not available, then some 3rd-party file restoration utilities might be able to recover some of the encrypted data.

ABC Ransomware

Threat Metric

Related Posts

Leave a Reply