HDDCryptor Ransomware Demands One Bitcoin To Restore The Master Boot Record

It has been a short while since we had a new type of ransomware on our hands. HDDCryptor is a name that leaves little to the imagination, which is also part of its strategy. This malware attacks Master Boot Records and prevents computers from booting up. So far, several people have paid the Bitcoin ransomware demands.

No Fancy Name, But HDDCryptor is A Real Threat

Whereas most types of ransomware let users boot up their computers but restrict file access, HDDCryptor is taking things one step further.  The malware does not let users boot up their computers in the traditional sense unless the victim pays a ransom in Bitcoin. Even though this ransomware has been around since January of 2016, it is only now starting to reach its full potential.

Several reports indicate there is a new distribution campaign for HDDCryptor right now. The malware has also been updated to a newer version, which will make the life of security researchers more difficult. One of the first infections by this updated malware targeted an unspecific multinational, and headquarters across three different continents were affected.

This particular malware distributes itself through malicious websites, which – when visited – downloads several different malware kits onto the host computer. All of these files are either infected directly or contain a payload designed to deliver HDDCryptor. It is also worth noting the payload uses multiple open source tools, including DiskCryptor and Network Password Recovery.

So far, it appears several people have decided to meet the ransomware demands. Even though paying up should only be a last resort, not being able to boot up computers can cost enterprises millions of dollars per day. It is difficult to bypass the ransomware, as it completely rewrites the Master Boot Record with a custom boot loader.

At the time of writing, the criminals behind HDDCryptor requested a ransom of one Bitcoin to restore computer access. Depending on how many people decide to meet these demands, that price may go up over time. Once criminals notice people are paying the money with relative easy, they will only increase their efforts to infect computers all over the world.

Image credit 1

If you liked this article follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin and altcoin price analysis and the latest cryptocurrency news.