Advertisment

kingdice

There are quite a few different types of ransomware making the rounds right now. Most of these malicious software types will mainly focus on extorting victims for a Bitcoin payment. However, some types of malware give us a good laugh as well. Resurrection-ransomware is quite amusing, as it plays some music in the background while the ransom note is displayed on the screen. Luckily, users can easily decrypt this malware without paying any money.

What is the Deal With Resurrection-ransomware?

It is very strange to see a new type of malware which has a double name split by a hyphen. Most types of ransomware want to sound cool, such as JigSaw, Locky, or even Jaff. Resurrection-ransomware is not an intimidating name by any means, and it does not appear there is much bite to the bark either. That being said, there are some things about this strain of malicious software people have to take into account before dismissing this threat so easily.

To be more specific, this particular malware infects computers through spam campaigns, malicious software downloads, and even malvertising campaigns. It does not appear antivirus solutions will pick up this malware as it infects your computer, although that situation may change over the coming weeks. Always be wary when receiving email attachments from unknown senders, especially in these days of growing ransomware threats.

Once the Resurrection-ransomware is installed on the computer, it will begin the file encryption process. This can take a few minutes, depending on how many files there are on the computer. All encrypted data is also renamed to a new file extension. Users are, in theory, unable to regain file control without paying the Bitcoin ransom. However, making this payment is not the solution when dealing with this malware, as some users have not received their decryption key in the end. Paying this ransom is never a good idea in the first place, as it will only incentivize criminals to do harm upon others.

What makes this particular strain so intriguing is how it plays music in the background while displaying the ransom note on your screen. This is rather uncommon among ransomware types, as there seems to be no purpose for doing so. The music choice is both interesting and eerie, as it is a mix of Halloween tunes and Harry Potter-esque music. A very strange choice by the developers, but one that certainly makes their creation stand out from any other type of ransomware in circulation right now.

One silver lining associated with the Resurrection-ransomware is how it can be decrypted with relative ease. In fact, all it takes is a proper anti-malware or anti-spyware tool to get rid of most of the components installed by this ransomware. These tools should detect several threats, all of which can be removed through the software itself. However, this will not necessarily recover your data, as files will still be encrypted. That problem can be solved by using a data recovery tool

The Stupid Decryptor tool provided by BleepingComputer should be capable of getting rid of Resurrection-ransomware as well, although your mileage may vary. It does not appear this malware removes the shadow volume copy on your hard drive, which should allow for restoring data from a previous backup. It is possible we will see more decryption tools for Resurrection-ransomware in the future, although nothing has been confirmed at this time.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.

You want the latest news about Crypto? Sign up to our weekly Newsletter!