Wednesday, May 21, 2025
HomeComputer SecurityNew Ransomware That Encrypts Only EXE Files on Windows Machines

New Ransomware That Encrypts Only EXE Files on Windows Machines

Published on

SIEM as a Service

Follow Us on Google News

A new ransomware that encrypts only EXE files present in your computer including the ones presented in the windows folder, which typically other ransomware won’t do to ensure the operating system function correctly.

It was first tweeted by MalwareHunterTeam and it has the title as Barack Obama’s Everlasting Blue Blackmail Virus Ransomware, according to its file properties. It is unknown how the attackers distributing the ransomware.

- Advertisement - Google News

Generally ransomware will encrypt other media file’s such as docx, .xls, .doc, .xlsx, .ppt, .pptx, .odt, .jpg, .png, .jpeg, .csv and other to force the victim into making payment, Barack Obama’s Blackmail Virus Ransomware targets only the .EXE file.

The ransomware also encrypts the registry keys that associated with the EXE file to run every time when someone launches the application.

As with any other ransomware, it doesn’t show’s any Ransome amount instead it ask’s victim’s to send an email to “2200287831@qq.com” for payment details.

The ransom note displayed as Hello, your computer is encrypted by me! Yeah,
 that means your EXE file isn't open! Because I encrypted it. So you can
 decrypt it, but you have to tip it. This is a big thing. You can email
 this email: 2200287831@qq.com gets more information.

Ransomware still continues to be a global threat, it’s become a billion-dollar industry that shows no signs of going away anytime soon.

What next: if you’re Infected

  • Disconnect the Network.
  • Determine the Scope.
  • Understand the version or Type of Ransomware.
  • Determine the Strains of Ransomware.

Mitigation

  • Use Strong Firewall to block the command & control server callbacks.
  • Scan all your emails for malicious links, content, and attachment.
  • Block the adds and unnecessary web content.
  • Enforce access control permission.
  • Take regular backups of your data.

Ransomware Attack Response and Mitigation Checklist

Ransomware-as-a-Service – Princess Evolution Ransomware Advertised in Underground Forums

Police Department Infected Again by Ransomware Attack that Already Locked 1 Year of Work-Related Files

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Ivanti EPMM 0-Day RCE Vulnerability Under Active Attack

Ivanti's Endpoint Manager Mobile (EPMM) contains a critical vulnerability chain that has been actively...

Atlassian Alerts Users to Multiple Critical Vulnerabilities Affecting Data Center Server

Atlassian has released its May 2025 Security Bulletin addressing eight high-severity vulnerabilities affecting multiple...

Cybercriminals Could Leverage Google Cloud Platform for Malicious Activities

A Research by Tenable and Cisco Talos has shed light on a critical vulnerability...

Malicious Hackers Create Fake AI Tool to Exploit Millions of Users

A concerning development in the field of cybersecurity is the initiation of a sophisticated...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Kettering Health Experiences System-Wide Outage Due to Ransomware Attack

Kettering Health, a major healthcare provider, has been hit by what appears to be...

New Ransomware Attack Targets Elon Musk Supporters Using PowerShell to Deploy Payloads

A newly identified ransomware campaign has emerged, seemingly targeting supporters of Elon Musk through...

Researchers Replicate Advanced Tactics and Tools of VanHelsing Ransomware

Cybersecurity researchers at AttackIQ have meticulously emulated the intricate tactics, techniques, and procedures (TTPs)...