Hitler-Ransomware

Hitler-Ransomware
Malware details
AliasHitler-Ransonware
ClassificationRansomware
OriginGermany

Hitler-Ransomware is a form of ransomware from Germany created in 2016. It requests payment within one hour; otherwise, it will delete files from the infected computer.[1][2]

History

Hitler-Ransomware was first developed in 2016. The ransomware activates with a lock screen with an image of Adolf Hitler giving a Nazi salute. The message on it states "This is the Hitler Ransonware. Your files was encrypted! Do you decrypt your files?". It then demands payment in the form of a €25 Vodafone mobile phone gift card and gives the owner of the computer one hour to pay with a countdown timer accompanying.[1] Failing to pay the ransom when the one hour countdown timer reaches zero results in the system crashing with a blue screen of death and when the computer reboots, all of the files in the computer's user profile folders have been deleted.[2] Contrary to what it claims, the ransomware does not encrypt the computer files; instead, it runs a script that disassociates all file types to mislead people into thinking their files have been encrypted.[3]

The virus was discovered by the AVG Technologies analyst Jakub Kroustek. Upon further investigation of it, he determined that it likely originated in Germany as a prototype given that the batch file associated with it had the words "Das ist ein Test" (German: This is a Test) in it.[4] It is noted that while the Hitler ransomware's demand for payment in gift cards instead of Bitcoin was uncommon, it was not unique to this ransomware.[5] A typo on its lock screen, "Hitler-Ransonware," led technology journalist Darlene Storm to joke that it could upset Grammar Nazis.[5]

An updated version of Hitler-Ransomware disguised as "CainXPii" called "Hitler 2" was later released. This version was similar to the original except that it corrected the spelling of "ransomware" and removed the countdown timer.[6] In January 2017, an updated version known as "The FINAL version" of Hitler-Ransomware was released.[7]

References

  1. ^ a b "Hitler ransomware demands victims pay €25 in Vodafone Card and deletes files instead of encrypting". International Business Times. 2016-08-10. Retrieved 2018-02-14.
  2. ^ a b "This Week in Crude Attempts at Malware: 'Hitler-Ransomware'". Vice. 2016-08-09. Retrieved 2018-02-14.
  3. ^ "Development version of the Hitler-Ransomware Discovered". Bleepingcomputer.com. 2016-08-08. Retrieved 2018-02-14.
  4. ^ "Hitler 'ransomware' offers to sell you back access to your files – but just deletes them". The Register. Retrieved 2018-02-14.
  5. ^ a b Storm, Darlene (2016-08-10). "Thugs developing cat-themed ransomware for Androids and Hitler ransomware for PCs". Computerworld. Archived from the original on 2016-08-11. Retrieved 2018-02-14.
  6. ^ Britec Computers. Hitler 2 Ransomware prevents the use of Windows. YouTube. Retrieved 2018-02-14.
  7. ^ "January 2017: The Month in Ransomware". Tripwire. 2017-02-08. Retrieved 2018-02-14.

Content Disclaimer

Informasi ini disarikan dari Wikipedia dan disajikan kembali untuk tujuan edukasi. Konten tersedia di bawah lisensi CC BY-SA 3.0. Kami tidak bertanggung jawab atas ketidakakuratan data yang bersumber dari kontribusi publik tersebut.

  1. The information displayed on this website is sourced in part or in whole from Wikipedia and has been adapted for the purpose of restating it. We strive to provide accurate and relevant information, however:
  2. There is no guarantee of absolute accuracy. Wikipedia is an open, collaborative project that can be edited by anyone, so information is subject to change.
  3. It is not intended to constitute professional advice. The content displayed is for informational and educational purposes only. For important decisions (e.g., medical, legal, or financial), please consult a professional.
  4. Content copyright. Wikipedia is licensed under the Creative Commons Attribution-ShareAlike License (CC BY-SA). This means that content may be reused with appropriate attribution and shared under a similar license.
  5. Responsible use. Any risk arising from the use of information from this website is entirely the responsibility of the user.