SadComputer Ransomware is a ransomware threat detected in the middle of April 2019. Ransomware attacks are becoming popular in the world of cyber-crime increasingly, and users need to stay vigilant particularly. Cybercrooks often regard them as an easy way to make some cash at the victim’s expense and get away with it.
It is not clear what the propagation method of the SadComputer Ransomware is exactly, but it is suspected that they employ the usual tactics to get access to your system – through pirated software, fake updates, and most commonly via spam emails that would have a faux attachment. If the SadComputer Ransomware succeeds in infiltrating your computer, it begins scanning for the file types it targets. This is usually the most common types, which all of us have – .jpeg, .png, .mov. .pptx, .mp3, .doc, etc. Then, the encryption process begins, and the SadComputer Ransomware locks down all the files intended, which makes them unusable. The threat would proceed to alter the names of the files by adding the extension ‘.sad,’ which would mean that a file named ‘windbreaker.jpeg originally would be turned into ‘windbreaker.jpeg.sad.’ After the SadComputer Ransomware is done encrypting all the data it was set out to lock, it would drop a ransom note by the name ‘sadcomputer_note.txt.’ The note contains four questions and four answers.
“Q: What Happened to my computer?”
“A: Your Files Have Been Encrypted.”
“Q: How Do i restore the files?”
“A: You need to use bitcoin to restore the files.”
“Q: Can i use other methods?”
“A: Yes. You can use Paypal.”
“Q: How can i trust?”
“A: We dont cheat users. We restore the files.”
Furthermore, there is a ransom window, which displays a timer that states that the victim’s files will be deleted in 5 minutes. However, there is no confirmation that this is a real threat, and it might be a bogus social engineering trick to scare and pressure users into paying the ransom sum. The attackers also have provided the victim with their Bitcoin wallet address.
Despite the authors of the SadComputer Ransomware reassuring you that they will not cheat you and will give you the decryption to, do not forget that you are dealing with cyber-criminals. It is not recommended to pay up as you are likely to be tricked. Instead, you should download a reputable anti-malware application and have it take care of the SadComputer Ransomware for you. After this, you can try to get some of your data back using a third-party data restoration tool.