The Mada Ransomware is a file locker, which extorts its victims for money by encrypting their files and promising to restore them as soon as a certain ransom payment is completed. We assure you that the authors of the MADA Ransomware are not to be trusted, and this means that you should never agree to send them money. Years of experience in the cybersecurity field has shown that ransomware authors are among the least honorable cybercrooks, and they often do not fulfill their part of the deal even if their victim meets all of their demands.
MADA’s Author Threatens to Delete Files Regularly
The MADA Ransomware does not seem to be a very sophisticated project, but it is still able to cause a fair bit of damage by encrypting various documents, spreadsheets, images, archives and other media. When this file locker carries out its attack, the MADA Ransomware will also apply the ‘.LOCKED_BY_pablukl0cker’ to all files that were locked successfully. The ransom note contains a fairly interesting bit of threats. The authors threaten that the MADA Ransomware will start by deleting one random file a day, and the number of wiped files will grow to 100/day, 1000/day, etc. gradually. They also warn victims that any attempts to stop the file locker or reboot the computer will lead to further data loss. We can’t confirm whether this is true or not, but we assure you that paying the ransom sum is not a wise decision. The cybercrooks behind this threat do not provide the exact ransom sum they demand, but they do mention that Bitcoin is their preferred payment method and victims can e-mail them at [email protected]
Connection to JigSaw might Give Victims a Shot at Recovering Their Data
While the MADA Ransomware is scary undoubtedly, there is some good news! Its authors have used the JigSaw Ransomware as the foundation for their project, and this means that there is a significant chance that the free JigSaw decrypter will be able to help victims of the MADA Ransomware to recover their data. However, before using decryption software, you should make sure to remove the MADA Ransomware’s files with a credible anti-malware software suite.