New ransomware is in play, referred to as RobbinHood this is concentrated on whole networks and then encrypting all computer systems that they can gain get admission to. They then request a positive amount of bitcoins to decrypt a single computer or a larger amount to decrypt the whole network. Not a good deal is currently recognized about this ransomware, and a sample for RobbinHood has no longer currently been determined. We have, although, seen the ransom notes and encrypted documents of numerous sufferers, which lets us put together an image of how this ransomware may operate. Of particular interest is how they stress that the victim’s privateness is crucial to them, and they will now not disclose any victims who have paid.
Robinhood goals networks
Enc_robbinhood. Based on the ransom observe in the text, the attackers in the back of RobbinHood are actively seeking to benefit access to networks. Once they benefit from getting the right of entry, they may try and encrypt as many computers in the community. While nothing is thought concerning the encryption being used, we recognize that after files are encrypted, they may be renamed to something similar to Encrypted_b0a6c73e3e434b63. The ransomware may even unusually drop ransom notes below four unique names at an identical time. The names of those notes are _Decryption_ReadMe.Html, _Decrypt_Files.Html, _Help_Help_Help.Html, and _Help_Important.Html.
These ransom notes will include facts concerning what befell the sufferer’s files, ransom amounts, and links to the TOR websites wherein customers can send a message for the attackers or decrypt 3 files as much as 10MB in length without spending a dime. These notes provide one-of-a-kind payment quantities depending on whether or not you need to decrypt an unmarried pc or an entire community. For example, in a ransom note that uses BleepingComputer, the ransom becomes three bitcoins per laptop or 7 bitcoins for the community. It also states that after the fourth day, the ransom will boom by $10,000 in line with day.
Robinhood cares about your privacy.
On the ransomware’s Tor price page, the builders of RobbinHood nation care about their sufferer’s privateness and that the encryption keys and IP addresses could be deleted after price. “I want to say that your privacy is important for us, all of your statistics, including IP, cope with and Encryption keys, could be worn out after your payment. Also, the bitcoin deal with you must pay to, is generated especially for you and no person knows about it.”