Meet ransomware which wears the face of former president Barack Obama

Sept. 6, 2018

When ransomware first began to infest our home systems, cybercriminals would often use the threat of the FBI and law enforcement to frighten victims enough to pay up.

It’s unusual, though, to see the face of a former head of a country as a brand of malware.

Barack Obama’s Everlasting Blue Blackmail Virus Ransomware, as tweeted by MalwareHunterTeam, is perhaps one of the more peculiar strains of ransomware which have emerged over the course of this year.

The Windows-based malware is distributed through spam and phishing campaigns and will first scan an infected system for processes associated with antivirus solutions.

As reported by BleepingComputer, the Obama ransomware will then scan for files ending in .EXE, before encrypting them. Registry keys associated with the executable files are also tampered with so that every time an .EXE file is launched, the virus will, too.

Ransomware usually will encrypt content such as documents and media to force victims to pay a blackmail “fee” to retrieve their files.

It is not often that this particular form of malicious code will tamper with system files or processes which may cause potentially irrevocable damage to an infected PC, as should the machine crash and be fully inaccessible, there is heartbreak for the victim but no incentive to pay.

However, in the Obama ransomware’s case, the malware will seek to encrypt .EXE files in Windows folders, which may cause such damage. This could be the result of inept developers or an oversight on their part.

Once the malware has performed its scans and encrypted files, the following message is displayed alongside an image of former US president Obama:

“Hello, your computer is encrypted by me! Yeah, that means your EXE file isn’t open! Because I encrypted it.

So you can decrypt it, but you have to tip it. This is a big thing. You can email this email: [email protected] gets more information.”

ZDNet has the story

Sponsored Recommendations

The Race to Replace POTS Lines: Keeping Your People and Facilities Safe

Don't wait until it's too late—join our webinar to learn how healthcare organizations are racing to replace obsolete POTS lines, ensuring compliance, reducing liability, and maintaining...

Transform Care Team Operations & Enhance Patient Care

Discover how to overcome key challenges and enhance patient care in our upcoming webinar on September 26. Learn how innovative technologies and strategies can transform care team...

Prior Authorization in Healthcare: Why Now?

Prepare your organization for the CMS 2027 mandate on prior authorization via API. Join our webinar to explore investment insights, real-time data exchange, and the benefits of...

Securing Remote Radiology with the Zero Trust Exchange

Discover how the Zero Trust Exchange is transforming remote radiology security. This video delves into innovative solutions that protect sensitive patient data, ensuring robust...