• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • March 6th, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Security
Malware

New Ransomware Asks User to Play Click Me Game while Encrypting Data

October 21st, 2016 Waqas Security, Malware 0 comments
New Ransomware Asks User to Play Click Me Game while Encrypting Data
Share on FacebookShare on Twitter
The click me game malware is developed by Iranian hacker as its readme file is written in Persian.

Karsten Hahn, a malware analyst at GData, has identified new ransomware that is currently in its developmental phase. According to Hahn’s analysis, the ransomware pretends to be a Click Me Game while its objective is the same, to encrypt the files present on a system.

Also Read: The Nastiest of all Ransomware Mamba Encrypts Entire Hard Drive

Bleeping Computer reports that as soon as the malware file is executed, a screen is launched that displays a Click Me button. When the user tries to click on it, it starts changing its position so that user has to move the mouse cursor to click. When all this is happening, the malware is silently encrypting files stored on the drive. This means the Click Me game is just added to keep the victim busy while the malware performs its job.

new-ransomware-asks-user-to-play-click-me-game-while-encrypting-data

Screen that launces once the malware is executed

If the user has spent a certain amount of time following the Click Me button or somehow user presses Enter key, the ransom note appears. The note contains an image of Anonymous followed by the message “You Have Been Hacked.” There is also some text in Persian (Farsi) that means that the victim has to pay ransom to get the decryption code for the encrypted files. This image will show you the ransom note and Farsi text that appears on the screen.

new-ransomware-asks-user-to-play-click-me-game-while-encrypting-data-2

Translation: Alright, my dear brother!!! Enough free playing. Your files have been encrypted. Pay so much this much money so I can send you the password for your files. I can be paid this much too cause I am very kind. So move on I didn’t raise the price.

Currently, it is not possible to comment whether the ransomware is functional enough to be termed as an effective or threatening ransomware or even if it is a viable malware because it is in development. Hahn does state that it can encrypt files but it is also obvious that in its current form the ransomware only encrypts files that are located at D:\ransom-flag.png and doesn’t targets any other files or folders.

Moreover, the ransom note also indicates that the malware is not yet ready since payment related instructions like email address or payment website link aren’t included in the ransom note. The ransomware utilizes the AES encryption technique and adds .hacked extension to the encrypted files’ original titles.

Also Read: CryPy Ransomware Encrypts Each File Individually with a Special Key

The video posted below will show you how this works:

[fullsquaread][/fullsquaread]

Also Read: ‘No More Ransom’ Anti-Ransomware Portal; Recovers Encrypted Data for Free

As of now, the ransomware isn’t being formally distributed and therefore, we need not feel so concerned at the moment. Let’s hope that it never sees the light of the day and remains hidden.

Top/Featured Image Via: Twitter/Marcelo Rivero 

  • Tags
  • Cyber Crime
  • gaming
  • hacking
  • internet
  • Malware
  • Ransomware
  • security
Facebook Twitter LinkedIn Pinterest
Previous article ATM Malware Hack: State Bank of India Blocks Millions of debit cards
Next article Hacked: 43M Weebly and 22M FourSquare accounts stolen
Waqas

Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related Posts
Microsoft, FireEye report 3 new malware linked to SolarWinds hackers

Microsoft, FireEye report 3 new malware linked to SolarWinds hackers

Threat actors hijacking Bitbucket and Docker Hub for Monero mining

Threat actors hijacking Bitbucket and Docker Hub for Monero mining

IT Security firm Qualys extorted by Clop gang after data breach

IT Security firm Qualys extorted by Clop gang after data breach

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
Microsoft, FireEye report 3 new malware linked to SolarWinds hackers
Cyber Attacks

Microsoft, FireEye report 3 new malware linked to SolarWinds hackers

Threat actors hijacking Bitbucket and Docker Hub for Monero mining
Security

Threat actors hijacking Bitbucket and Docker Hub for Monero mining

Top Russian hacker forums Maza, Verified hacked; data leaked online
Hacking News

Top Russian hacker forums Maza, Verified hacked; data leaked online

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us