The Trumphead Ransomware is low-quality ransomware that appears to borrow a significant portion of its code from the open-source project known as HiddenTear. The authors of HiddenTear did not intend for their project to be used with harmful intentions, but the cybercriminals do not seem to care about this, and they have modified the HiddenTear code hundreds of time to create their fully personalized file-encryption Trojans. The good news is that the TrumpHead Ransomware’s authors are likely not to be very experienced in the world of malware since they have failed to initialize the file-encryption module properly. This means that once the TrumpHead Ransomware is launched, it will create a ransom note, but it will not generate any damage to the files on the compromised computer.

When the TrumpHead Ransomware completes the attack, the users will only notice one difference – the presence of the file ‘READ_THIS.txt’ on their desktops. This document says that the user’s files have been encrypted securely, and they need to pay 0.8 Bitcoin if they wish to get them back. The authors of the TrumpHead Ransomware also include the email [email protected] as the only way to contact them. The good news is that the TrumpHead Ransomware does no harm, and all you need to do is run a trustworthy anti-virus application that will dispose of the harmful files.
[template:aliases][template:removal][template:technical_title][template:files][template:registry][template:additional]