Ransomware is a type of malicious software that encrypts a victim’s computer files, which cyberattackers offer to decrypt in exchange for a ransom payment. A cyberattacker using ransomware will typically demand payment in bitcoin.
The new ransomware strain, first reported by MalwareHunterTeam on Twitter, encrypts .EXE files — or files that execute a program — on a victim’s computer. The strain also terminates select processes from antivirus software providers such as Kaspersky, McAfee and Rising Antivirus.
After encrypting the files, the ransomware strain displays a screen with a photograph of Mr. Obama, with the text: “Hello, your computer is encrypted by me! Yeah, that means your EXE file isn’t open! Because I encrypted it. So you can decrypt it, but you have to tip it. This is a big thing. You can email this email: 2200287831@qq.com gets more information.”
The ransomware, which targets Windows computers, is distributed through spam and phishing campaigns, ZDNet reports. VirusTotal, a free online virus, malware and URL scanner, says this ransomware is detected by 45 out of 68 antivirus solutions.
This is not the first time a president has had a ransomware strain created with his likeness, according to Bleeping Computer. Before the 2016 U.S. presidential election, hackers released a strain of ransomware titled “The Donald Trump Ransomware.”
More articles on cybersecurity:
Report: Spam, malware found in 13% of emails
Security holes in Maryland’s Medicaid system put patient data at risk, OIG finds
Most medical device cybersecurity issues attributed to user authentication, report finds
