Prior to cybercriminals using crypto mining scripts to harness your CPU power illegally, different kinds of ransomware like WannaCry kept infecting computers all across the world. It’s not like the ransomware threat is over — every now and then, a new and interesting ransomware appears on the horizon.
Here, I’m going to tell you about the “Barack Obama’s Everlasting Blue Blackmail Virus.” The ransomware was first reported by MalwareHunterTeam (via Bleeping Computer). It appears that, at the moment, malware only encrypts .EXE files on the Windows machines.
Being a ransomware, it, obviously, comes along with a ransom note. Here, it’s in the form of a picture of Barack Obama and a “tip” to unlock the files. The tip mentions ransom payment instructions and asks the user to contact a given email for further information.
— MalwareHunterTeam (@malwrhunterteam) August 22, 2018
When it comes to the encryption performed by the ransomware, it doesn’t add any special or custom extension. The new extension is added as a secondary one to make the files unusable.
It also erases all the Shadow Volume Copies from Windows machines. This is done to make the recovery of the files difficult. Malware also modifies the registry keys associated with the files and runs itself everytime someone attempts to run some .EXE file.
It goes without saying that the users are requested to avoid paying the cybercriminals any kind of ransom; such action will most probably motivate them and blackmail you even further.