The new 'Robin Hood' ransomware forces you to do charity so that you can decrypt your files

 The new 'Robin Hood' ransomware forces you to do charity so that you can decrypt your files 



if you become infected with it

Feed the needy, buy clothes for the homeless or pay for medical treatment in hospitals, some of the good deeds that you should do in case your computer is infected with this ransomware.



One of the most frightening infections that our computer can suffer is ransomware, a method used by cybercriminals to encrypt each of our files, having to pay them a certain amount, generally through cryptocurrencies, to receive a password and decryption and thus recover all What we have. files and records.

We have already seen many types of ransomware, some targeting organizations, companies or individuals, but now CloudSEK researchers have discovered a ransomware named GoodWill, and in order to receive this decryption key when you are infected with it, you will have to do a lot of good deeds.


Specifically, the user will have to perform three main actions, and even provide visual evidence that you have done so, in order for the cybercriminals to send you a key to unlock your files.


For example, it requires the user to provide clothes and blankets to the needy people who are homeless, and they have to make a video doing this activity. This video should also be posted on social media and of course emailed to cybercriminals to get the key to decrypt your files.


The second Goodwill activity asks you to feed and take care of five poor children in fast food chains during that time, and of course you must take pictures of the event and post these pictures on social networks. On the other hand, the attackers also want to see the restaurant bill so that they can be sure that you did task 2.


Finally, the third act of goodwill asks you to go to the hospital and pay for medical treatment for those who need financial assistance, take a selfie with these people, and record an audio conversation as evidence.


Once the attackers verify all this information, they will send a decryption tool so that the user can recover their files, although it is very likely that this will not happen because users in this type of attack never end up recovering files and logs.

No comments