Pings Ransomware Promises Decryption of One Sample File

ransomware

Pings is a type of malware that came to our attention during the examination of new malware samples. Our analysis revealed that Pings operates as ransomware, aiming to encrypt files, present a ransom note labeled "FILE RECOVERY.txt," and alter file names by appending the ".pings" extension. The primary purpose of Pings is to coerce victims into paying a ransom in exchange for the decryption of their data.

To illustrate the impact of Pings on files, consider the following examples: "1.jpg" is transformed into "1.jpg.pings," and "2.png" becomes "2.png.pings," and so on. The ransom note notifies victims about the encryption of their files and provides instructions for decryption. The attackers demand payment in Bitcoin, assuring that the decryption tool will be dispatched once the payment is received. As a gesture of assurance, the note allows for free decryption of one file, subject to specific limitations on file size and content.

The note contains a cautionary message discouraging the renaming of encrypted files or attempting decryption using third-party software, citing the risk of irreversible data loss. Additionally, it advises against deleting files with a particular extension to prevent permanent damage. Victims are directed to establish contact with the attackers through email (new_pings@tutanota.com), using a provided ID for communication related to the ransom and decryption procedures.

Pings Ransom Note in Full

The complete text contained in the Pings ransom note reads as follows:

YOUR FILES ARE ENCRYPTED !!!

TO DECRYPT, FOLLOW THE INSTRUCTIONS:

You have to pay for decryption in Bitcoins. The price depends on how fast you write to us. After payment we will send you the decryption tool that will decrypt all your files.
Free decryption as guarantee
Before paying you can send us up to 1 file for free decryption. The total size of files must be less than 1Mb (non archived), and files should not contain valuable information. (databases,backups, large excel sheets, etc.)

Attention!
Do not rename encrypted files.
Do not try to decrypt your data using third party software, it may cause permanent data loss.
If you delete a file with an extension (_TMP) This will cause this file to permanently damage!!!!!

Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a scam.

If you want to restore them, write us to the e-mail
new_pings@tutanota.com
Write this ID in the title of your message
ID:-

How Can Ransomware Infect Your System?

Ransomware can infect your system through various methods, and attackers are constantly evolving their techniques. Here are common ways ransomware can infiltrate a system:

Phishing Emails: One of the most prevalent methods is through phishing emails. Attackers send deceptive emails containing malicious attachments or links. Clicking on these links or opening infected attachments can trigger the download and execution of ransomware.

Malicious Websites and Ads: Visiting compromised or malicious websites and clicking on deceptive ads can lead to the unintentional download of ransomware. Drive-by downloads and malvertising (malicious advertising) are common tactics used by cybercriminals.

Exploit Kits: Cybercriminals may use exploit kits to take advantage of vulnerabilities in software or browsers. When a user visits a compromised website, the exploit kit scans for vulnerabilities and delivers the ransomware payload to exploit those weaknesses.

Malicious Software Updates: Attackers can compromise legitimate software updates or use fake software updates to distribute ransomware. Users who unknowingly install these updates may inadvertently infect their systems.

Network Vulnerabilities: Exploiting vulnerabilities in a network's security infrastructure allows ransomware to spread laterally across systems. This can happen if a system is not properly patched or if security measures are not adequately implemented.

To protect against ransomware, it is crucial to maintain up-to-date security software, regularly update systems and software, be cautious when clicking on links or opening attachments, and implement proper security practices such as data backups and network segmentation. Regular cybersecurity awareness training for users can also help mitigate the risk of falling victim to ransomware attacks.

By Zaib
January 12, 2024
Ransomware
English
January 12, 2024
Ransomware

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

4 years ago

Microsoft Warns State-Backed Threat Actors Are Using AI in...

4 days ago

Trojan Al11 Malware Detection & Removal - An Essential...

11 months ago

Pinaview is a Fully-Featured Adware App

10 months ago

"Your iCloud is Being Hacked" and "Your iPhone has Been...

7 months ago

What is Lucky Ransomware?

7 months ago

Related Posts

Ransomware

Deno Ransomware

A new ransomware variant that belongs to the Conti family was spotted in the wild in late July 2022. The new strain is called Deno ransomware. There is little that the ransomware does to set itself apart from other... Read more

June 29, 2022
Ransomware

Remove Decryption#1222 Ransomware

Decryption#1222 Ransomware is a dangerous threat whose creators is extorting the victims for money. Just like other ransomware applications, this one also works by encrypting the victim's files, therefore preventing... Read more

April 29, 2022
Ransomware

Remove Lisa Ransomware

The Lisa Ransomware infection is something that you should avoid at all costs. If this threat manages to infect your system, it will immediately render the majority of your files inaccessible. It does so by encrypting... Read more

December 17, 2021
English
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Backup Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Backup's Terms of Service Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2024 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.