Blackware Ransomware
The Blackware Ransomware is a screen-locking Trojan that covers your screen with a borderless pop-up and prevents you from closing it. The same window, also, demands Bitcoin ransoms for unlocking the computer, although the users shouldn't pay. The standard recovery procedures in this article can facilitate the regaining of control over the operating system before you delete the Blackware Ransomware with a trusted anti-malware program.
When Your Screen Goes not Quite Black
A screen-locking Trojan with a slightly confusing ransoming demand is popping up in threat databases, with few indicators on its spreading mechanisms or campaign infrastructure. The Blackware Ransomware, which malware experts rate as a low-level threat much less advanced than even Hidden Tear or the Jigsaw Ransomware, is capable of blocking computers, but only by forcing pop-ups on their screens. While the threat actor is trying to bully Bitcoin ransoms out of the victims, the success rate for the Blackware Ransomware is, so far, nil.
The Blackware Ransomware is a 32-bit Windows program with an installer of just over two hundred kilobytes and should be compatible with most versions of the OS, including Windows 10. The only attack of note that malware analysts confirm for its payload is a pop-up window that collects screen focus and doesn't respond to resizing (due to the absence of a border) or other commands, such as minimizing. This 'lockdown' window informs the users of the Blackware Ransomware's identity and tells them that they should pay Bitcoins to its wallet address for unlocking the computer.
Several details of the Blackware Ransomware's note are implying that its threat actor's not being ready for releasing it, however. The Blackware Ransomware doesn't provide a valid wallet for paying, includes several typos in its English-language text, and has no evident mechanisms for tracking the payments so that victims can unlock their monitors. For now, it's also using a static unlocking password of 'RanS0MKeYY23SjLRiOwnEr,' which makes recovering an easy chore even for users without backups or appropriate security solutions.
Pulling Your Desktop Out of a Trojan's Blackout
While the Blackware Ransomware's pop-up shouldn't respond to most default UI controls, the victims can regain access to their OS through other means. When dealing with threats that sabotage the user interface, and as a general precaution while disinfecting your PC, malware experts recommend that the users take advantage of the Safe Mode feature, or equivalent for their operating system. Microsoft provides several options for entering this software-disabling mode, depending on your version of Windows, including some that should load before the Blackware Ransomware (such as through the Windows Recovery Environment).
Once Safe Mode is disabling unwanted programs, including the Blackware Ransomware, the users can disinfect the PC at their leisure before rebooting and verifying the Trojan's deletion. Nearly half of all brands of anti-malware products identify the early versions of the screen-locking Trojan, and updated databases should heighten these rates, in time. No anti-malware tool should struggle with removing the Blackware Ransomware, which doesn't possess rootkit-level features or other defenses against its uninstallation.
The Blackware Ransomware is asking for cryptocurrency to a fake wallet, as of late January. However, it's unusual for any threat actor's programming an independent threat without trying to make money with it, sooner or later – and users can only do their best to keep from being marks.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.