Radiation ransomware brings hell to your files

Radiation or alternatively called Hell malware functions as an ordinary file-encrypting threat. Regarding the title, it seems to be named after the outbreak of menacing NotPetya/Petya virus which hit especially inflicted significant damage on Ukraine, particularly Chernobyl power plant facility.
Luckily, the malware does not happen to be so developed as the latter threat. However, it messes up with the files without properly encoding them. It does not append any specific file extensions.
The crooks did a good job in developing users‘ interface. The software which is entitled as Radiation ransomware presents three options.
- How to Buy Bitcoin
- Check Payment
- Decrypt
Besides indicating the bitcoin address, it also changes the desktop background picture. According to it, Hell malware was programmed by KingCobra. It is quite common nickname in the virtual space, so you there are fewer chances to trace the identity of a hacker.
What is more, it also suggests the character of this perpetrator: observing the events in the cyber world, this wannabe crook also seeks attention. They do not seem to be an organized gang of cyber criminals. Nonetheless, you should make haste to remove Hell/Radiation threat. For that, you might make use of FortectIntego or MalwarebytesMalwarebytes.
Narcissistic felons flood the ransomware market
While indeed there are such threats as Cerber or DharmaLocker which continue terrorizing the virtual community from time to time, there are more low or mid-complexity threats drafted by wannabe hackers seeking temporal glory.
Usually, the ransom notes are exaggerated attempting to invoke a sense of hopelessness to victims. In this regard, Radiation does not differ much as well. It states to use AES and RSA encryption algorithms.
Though the malware is still at its early stage of development, the threat manifests felon‘s sufficient level of programming; The malware disguises under several alternative executable files[1]:
- ChaseBot.exe
- RADIATION.bin
- RADIATION.txt
- memes.jpg
- decrypt.exe
- decrypt.txt
- decrypter.exe
The malware also leaves its files in the %Temp% folder. According to its main executable file, ChaseBot.exe, it seems that the malware is capable of continuing its process even after a reboot.
It is fortunate that the malware is not fully developed which grants time and opportunities for cyber security forces to come up with a solution. If you were unlucky enough to get infected with the malware, do not hesitate to initiate Radiation/Hell removal.
The malware targets unwary users
Naturally, if you go browsing clicking here and there, the chances to run into malware significantly rocket. Note that current phishing and hacking techniques are so exquisite as you do not only need to click on an infected link or file but just hover over it.[2]
Furthermore, you might alternatively accelerate Radiation hijack by extracting the contents of a corrupted spam email message or installing a fake Adobe Flash Player. In addition, you should be wary of browser extensions as well. In order to lower the risk of a hijack, combine your vigilance with the operation of virus elimination tool.
Get rid of Hell ransomware from Windows OS
As the majority of file-encrypting threats, this one also targets Windows operating system. In order to curb the infection, you will need to terminate the malware with the help of a cyber security tool.
Taking into account that the malware spreads its files to different locations, including system files, it is not surprising if Radiation removal does not complete from the first attempt.
In that case, reboot the system into Safe Mode and access an anti-spyware application. In that case, you should be able to remove Hell/Radiation virus completely. If you happen to reside in Austria and encountered this malware, you might find our Hungarian version of 2-spyware useful.[3]
Was this guide helpful?
Be the first to comment