Five Interesting Wallet Ransomware Facts

Five Interesting Wallet Ransomware Facts

Fact – #1 Wallet & Other Ransomwares are Making Headlines

One of the first Wallet ransomware facts is it’s popularity. Wallet, one of the most prominent ransomware strains to have surfaced of late, continues to make its presence felt with updated propagation methods and infection routines. The emerging attack using ransomware families continues with the consistent release of updated versions and evolved tactics strengthening the reign of cyber criminals. Hardly a day goes by without a ransomware making headlines:

  • In February 2016, the Hollywood Presbyterian Medical Center, in Los Angeles, paid a ransom of about US$17,000 (40 Bitcoins) to hackers who infiltrated and disabled its computer network with ransomware.
  • Just days before the new year of 2017, on December 30, 2016, the Los Angeles Community College District (LACCD) agreed to pay a ransom demand of $28,000 to crooks who managed to infect the computer network of the Los Angeles Valley College (LAVC) with ransomware.
  • The University of Calgary transferred 20,000 Canadian dollars-worth of bitcoins ($15,780; £10,840) after it was unable to unwind damage caused by an attack of ransomware attack of ransomware.

Fact #2 – Wallet is Similar to Other Ransomware

Wallet Ransomware is a typical ransomware program, which infiltrates computers and networks and encrypts certain files that are stored on them, thus rendering them unreadable for any existing program. .Wallet uses a complicated algorithm to encrypt all private files, adds the .Wallet extension and overall follows the classic ransomware pattern. Just like Locky, Cerber, Shade and thousands of ransomare viruses, this program is devastating. For appetizers, ransomware is sneaky, which lands on the device in complete silence and gets activated immediately. It then performs a thorough scan searching for private files.

Fact #3 – Wallet Ransomware Name Comes from File Extension

Adding to Wallet ransomware facts is it’s namesake. .Wallet ransomware owes its name to the extension added at the end of the filenames. The extension designates items encrypted for malicious purposes. The scrambling aims at forcing the victims to pay the ransom.

Wallet Ransomware Facts #4 – Its Cousin is Dharma

.Wallet goes hand in hand with .Dharma. Both are the extensions added to the files hit by the strongest combination of military-grade encryption (AES and RSA). Sometimes, zzzzz and other appendix substitute the above. ‘Wallet’ and its counterparts make a final part of the appendix added. The file then looks like this: file_name.pdf.[[email protected]].wallet
.Wallet may create multiple files in %Temp% and %AppData% folders. Also, it may drop its ransom notification files, which RMV researchers claim to be named as following:

  • Readme.jpg
  • Readme.txt

If you know your enemies and know yourself, you will not be imperiled in a hundred battles… if you do not know your enemies nor yourself, you will be imperiled in every single battle.”
– Sun Tzu, ‘‘The Art of War’

Fact #5 – Distribution via “Malvertisements”

The main distribution method for Wallet is the so called “malvertisements”, ads and emails that were either made by cyber criminals or were just taken advantage by them and injected with the malicious payload. Once you click on one of those links, you’re either redirected to a dangerous website that’s filled with viruses, or you directly download a virus, like .Wallet Ransomware. With this in mind, you should use caution when clicking links in emails, popups, banners or other forms of online advertising materials.

MonsterCloud provides cybersecurity services and specializes in wallet ransomware removal. MonsterCloud does not support paying criminals to fix ransomware as it encourages more crimes… and you might get ripped off.

Related Posts

No results found.