Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
New Badblock ransomware damages Windows so it won’t boot anymore
#1
http://www.myce.com/news/badblock-ransom...ign=buffer
[Image: 1xHG9R5l.jpg]

Security researchers from Sensor Tech have found a new ransomware variant that damages Windows installations on purpose in such a way that the OS will no longer start. The ransomware is called BadBlock and not only encrypts all kinds of video, image and document files, but also important Windows system files.
Once the ransomware has done its job, the computer will no longer boot into Windows, because essential system files are encrypted. Instead of booting, Windows will show an error message stating, “Windows can’t start because the following file is missing or corrupt: <Windows root\system32\ntoskrnl.exe. Please re-install a copy of the above file.”

Interesting is that Badblock warns its victims that it is doing its nasty job. This is different from most other ransomware, it’s common for them to show a message once all files are encrypted. Badblock starts to show a message as soon as it becomes active which allows users to stop the process using task manager.
The cybercriminals behind Badblock demand a ransom of 2 Bitcoin ($1144) but victims can decrypt their files for free, thanks to Emisoft’s security researcher Fabian Wosar. He has made a free tool that is able to decrypt files encrypted by Badblock.
Reply
#2
So...
This ransomware warn you before it's too late, so...
you can stop it easily with the task manager...
then, use a free tool to decrypt the files.
Not much of a threath for a power user...
unless your pc is on, and it encrypt all your files when you're not there.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  A New Day for GDPR Damages Claims in Germany? Bjyda 0 923 02-28-2021 , 07:27 PM
Last Post: Bjyda
  Ryuk ransomware now self-spreads to other Windows LAN devices mrtrout 0 814 02-26-2021 , 09:40 PM
Last Post: mrtrout
  Google Told Its Workers That They Can’t Use Zoom On Their Laptops Anymore sidemoon 0 1,330 04-09-2020 , 01:15 PM
Last Post: sidemoon
  Critical Windows Update Spam Fails at Delivering Ransomware tarekma7 0 1,386 11-20-2019 , 07:34 PM
Last Post: tarekma7
  Windows 10 Ransomware Protection Bypassed Using DLL Injection mrtrout 0 1,690 10-12-2018 , 01:41 AM
Last Post: mrtrout

Forum Jump:


Users browsing this thread: 1 Guest(s)