Thursday, April 24, 2025
HomeComputer SecurityNew Ransomware That Encrypts Only EXE Files on Windows Machines

New Ransomware That Encrypts Only EXE Files on Windows Machines

Published on

SIEM as a Service

Follow Us on Google News

A new ransomware that encrypts only EXE files present in your computer including the ones presented in the windows folder, which typically other ransomware won’t do to ensure the operating system function correctly.

It was first tweeted by MalwareHunterTeam and it has the title as Barack Obama’s Everlasting Blue Blackmail Virus Ransomware, according to its file properties. It is unknown how the attackers distributing the ransomware.

- Advertisement - Google News

Generally ransomware will encrypt other media file’s such as docx, .xls, .doc, .xlsx, .ppt, .pptx, .odt, .jpg, .png, .jpeg, .csv and other to force the victim into making payment, Barack Obama’s Blackmail Virus Ransomware targets only the .EXE file.

The ransomware also encrypts the registry keys that associated with the EXE file to run every time when someone launches the application.

As with any other ransomware, it doesn’t show’s any Ransome amount instead it ask’s victim’s to send an email to “2200287831@qq.com” for payment details.

The ransom note displayed as Hello, your computer is encrypted by me! Yeah,
 that means your EXE file isn't open! Because I encrypted it. So you can
 decrypt it, but you have to tip it. This is a big thing. You can email
 this email: 2200287831@qq.com gets more information.

Ransomware still continues to be a global threat, it’s become a billion-dollar industry that shows no signs of going away anytime soon.

What next: if you’re Infected

  • Disconnect the Network.
  • Determine the Scope.
  • Understand the version or Type of Ransomware.
  • Determine the Strains of Ransomware.

Mitigation

  • Use Strong Firewall to block the command & control server callbacks.
  • Scan all your emails for malicious links, content, and attachment.
  • Block the adds and unnecessary web content.
  • Enforce access control permission.
  • Take regular backups of your data.

Ransomware Attack Response and Mitigation Checklist

Ransomware-as-a-Service – Princess Evolution Ransomware Advertised in Underground Forums

Police Department Infected Again by Ransomware Attack that Already Locked 1 Year of Work-Related Files

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Redis DoS Flaw Allows Attackers to Crash Servers or Drain Memory

A high-severity denial-of-service (DoS) vulnerability in Redis, tracked as CVE-2025-21605, allows unauthenticated attackers to crash...

Google Warns: Threat Actors Growing More Sophisticated, Exploiting Zero-Day Vulnerabilities

Google’s Mandiant team has released its M-Trends 2025 report, highlighting the increasing sophistication of...

Critical Langflow Flaw Enables Malicious Code Injection – Technical Breakdown Released

A critical remote code execution (RCE) vulnerability, identified as CVE-2025-3248 with a CVSS score...

GitLab Releases Critical Patch for XSS, DoS, and Account Takeover Bugs

GitLab, a leading DevOps platform, has released a critical security patch impacting both its...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Ransomware Actors Ramp Up Attacks Organizations with Emerging Extortion Trends

Unit 42’s 2025 Global Incident Response Report, ransomware actors are intensifying their cyberattacks, with...

Akira Ransomware Launches New Cyberattacks Using Stolen Credentials and Public Tools

The Akira ransomware group has intensified its operations, targeting over 350 organizations and claiming...

Ransomware Attacks Cost Banks $6.08 Million on Average, Triggering Downtime and Reputation Damage

In an era where cybersecurity has become paramount, the banking and financial sectors are...