hello. This is White Defender.
Ransomware can be dealt with if you prevent it in advance.
White Defender is an anti-ransomware solution that can protect against ransomware in real time. thank you안녕하세요. 화이트디펜더입니다.
whitedefender video
This is a video of White Defender responding to ransomware threats.
- title
- Seoul ransomware
- Registration date
- 2023-06-11
- type
- Ransomware
- Treatment method
- Diagnosis/treatment is possible with WhiteDefender.
- change extension
- File name.Extension.[Unique ID].Random value
- ransom note
- Previous post
- Nuke Ransomware
- next post
- Yashma
Everyzone White Defender Co., Ltd. |
CEO: Seunggyun Hong|Business registration number: 220-81-67981
Copyright ⓒEveryzone , Inc. All Rights
Reserved.|
This ransomware discovered by anti-ransomware Whitedefender while investigating cyber security threats is [Seoul Ransomware].
I tested running Seoul ransomware with WhiteDefender's real-time protection function turned off.
It shows that all files are encrypted as a zip file, but when you actually unzip them, a compression error appears.
This malicious ransomware encrypts files on the infected device and adds [file name.extension.[unique ID].random value] to the file name.
For example, the original file "Photo.jpg" file is changed to "Photo.jpg.[Unique ID].Random value]", and the "1.png" file is changed to "1.png.[Unique ID].Random value]". It looks like it is encrypted.
Afterwards, Seoul ransomware changes the desktop image and creates a ransom note (demand for money) [WE RECOVER YOUR DATA.TXT] file.
The ransom note informs you that this PC is infected with ransomware and all files have been encrypted, and asks you to pay in Bitcoin.
They say that if you send them 1-2 encrypted files for testing, they will decrypt them and send them to you, but warn that decrypting or renaming the data using other methods may result in permanent data loss.
to use a reliable anti-ransomware program.
Keep your security software up to date.