New ransomware is in play, referred to as RobbinHood. This is concentrated on whole networks and then encrypts all computer systems that they can gain admission to. They then request a positive amount of bitcoins to decrypt a single computer or a larger amount to decrypt the whole network. Not a good deal is currently recognized about this ransomware, and a RobbinHood sample has no longer been determined. We have, although, seen the ransom notes and encrypted documents of numerous sufferers, which lets us imagine how this ransomware may operate. Of particular interest is how they stress that the victim’s privacy is crucial to them, and they will now not disclose any victims who have paid.
Robinhood goals networks
Enc_robbinhood. Based on the ransom observed in the text, the attackers behind RobbinHood actively seek to gain network access. Once they benefit from getting the right of entry, they may encrypt as many computers as possible in the community. While nothing is considered concerning the encryption being used, we recognize that after files are encrypted, they may be renamed to something similar to Encrypted_b0a6c73e3e434b63. The ransomware may even unusually drop ransom notes below four unique names at an identical time. The names of those notes are _Decryption_ReadMe.Html, _Decrypt_Files.Html, _Help_Help_Help.Html, and _Help_Important.Html.
These ransom notes will include facts concerning what befell the sufferer’s files, ransom amounts, and links to the TOR websites wherein customers can send a message to the attackers or decrypt three files as much as 10MB in length without spending a dime. These notes provide one-of-a-kind payment quantities depending on whether or not you need to decrypt an unmarried PC or an entire community. For example, in a ransom note that uses BleepingComputer, the ransom becomes three bitcoins per laptop or seven bitcoins for the community. It also states that the ransom will boom by $10,000 after the fourth day, which aligns with the day.
Robinhood cares about your privacy.
On the ransomware’s Tor price page, the builders of RobbinHood nation care about their sufferers’ privacy and say that the encryption keys and IP addresses could be deleted after the payment. “I want to say that your privacy is important for us. Your statistics, including IP, cope with, and Encryption keys, could be worn out after your payment. Also, the Bitcoin deal you must pay to is generated especially for you, and no one knows about it.”
