New ransomware strain masquerades as Barack Obama

A new strain of ransomware, dubbed "Barack Obama's Everlasting Blue Blackmail Virus," uses a photograph of former President Barack Obama as part of its extortion scam, Bleeping Computer reports.

Ransomware is a type of malicious software that encrypts a victim's computer files, which cyberattackers offer to decrypt in exchange for a ransom payment. A cyberattacker using ransomware will typically demand payment in bitcoin.

The new ransomware strain, first reported by MalwareHunterTeam on Twitter, encrypts .EXE files — or files that execute a program — on a victim's computer. The strain also terminates select processes from antivirus software providers such as Kaspersky, McAfee and Rising Antivirus.

After encrypting the files, the ransomware strain displays a screen with a photograph of Mr. Obama, with the text: "Hello, your computer is encrypted by me! Yeah, that means your EXE file isn't open! Because I encrypted it. So you can decrypt it, but you have to tip it. This is a big thing. You can email this email: 2200287831@qq.com gets more information."

The ransomware, which targets Windows computers, is distributed through spam and phishing campaigns, ZDNet reports. VirusTotal, a free online virus, malware and URL scanner, says this ransomware is detected by 45 out of 68 antivirus solutions.

This is not the first time a president has had a ransomware strain created with his likeness, according to Bleeping Computer. Before the 2016 U.S. presidential election, hackers released a strain of ransomware titled "The Donald Trump Ransomware."

More articles on cybersecurity:
Report: Spam, malware found in 13% of emails
Security holes in Maryland's Medicaid system put patient data at risk, OIG finds
Most medical device cybersecurity issues attributed to user authentication, report finds

© Copyright ASC COMMUNICATIONS 2019. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Top 40 Articles from the Past 6 Months