Home Malware Programs Ransomware Erenahen Ransomware

Erenahen Ransomware

Posted: September 9, 2019

The Erenahen Ransomware is a file-locking Trojan from the Globe Imposter Ransomware family. It locks your PC's media and holds it for a ransom by selling its decryption services in a related message file. Users always should keep secure backups of their work and have anti-malware products for removing the Erenahen Ransomware before any encryption attacks.

The Imposter is Back with the Same Tactic

The file-locking Trojan family that profits off of pretending that it's another one returns for fall, although not nearly approaching the same quantity as the STOP Ransomware, the Scarab Ransomware or other competitors. This Globe Imposter Ransomware variant of the Erenahen Ransomware has a linguistically-mysterious 'brand' for its name. Its payload is, nonetheless, far from mysterious, and continues blocking files for ransom payments.

Members of the Erenahen Ransomware's family are lacking, of late, relatively, although malware experts point out variants like the DDT Ransomware, the .DOCM Ransomware, the KBK Ransomware or the Healforyou Ransomware. Like its relatives, the Erenahen Ransomware uses the AES-256 encryption as a way of locking files, such as Word DOCs, JPG pictures, or XLSX spreadsheets. Any content under this blocking method is identifiable by the 'Erenahen' extension that the Erenahen Ransomware adds without taking away the previous one.

The Erenahen Ransomware's payload maintains the previous use of HTML-based ransom notes for selling its unlocking aid to any victims. The message is in English but includes small typos suggesting the threat actor isn't familiar with the language necessarily. Although malware experts have no information on any ransom payments, for now, they advise against paying without testing every other recovery possibility beforehand.

Spinning the Globe Away from an Imposter

Although the Erenahen Ransomware's family bears its name for the imitation of the Globe Ransomware, the encryption routine is just as real for either group. Users should be careful about maintaining backups on other devices that can't be locked or erased by the Erenahen Ransomware and other, file-locker Trojans. Although there are freeware recovery solutions for this family, most options center around an old version rather than the 2.0 of current variants.

Users should use strong passwords and update server software for reducing any chances of an attacker's compromising their system remotely. Further precautions that are helpful for the average PC owner include disabling unsafe features like JavaScript and Word macros, being careful while interacting with torrents, and analyzing e-mail attachments with all due care. The Erenahen Ransomware's family is Windows-specific, but file-locker Trojans are available in growing numbers for Macs, Android and Linux.

Anti-malware products, while not capable of reversing the effects of infections, should delete the Erenahen Ransomware and demonstrate few issues with ascertaining the nature of this threat.

A new wave of the Globe Imposter 2.0 Ransomware attacks means nothing but bad news for those without disciplined data-saving practices. A lifestyle that threats your digital belongings as disposable is asking a criminal to do the same thing.

Loading...