SSEAR Ransomware Asks for $100 in Ransom Payment
SSEAR is a form of malicious software functioning as ransomware, with the sole intention of denying victims access to their files through encryption. It accomplishes this by adding "_SSEAR" to the original filenames during the encryption process, effectively transforming, for example, "1.jpg" into "1.jpg_SSEAR" and "2.png" into "2.png_SSEAR," and so forth. The ransomware then presents a ransom note through a pop-up window.
In the ransom note, SSEAR notifies the victim that their computer's data has been securely encrypted. It strongly advises against any attempts to decrypt the files independently and explicitly mentions the utilization of encryption methods like DES and AES-256, suggesting the complexity of the encryption process. To regain access to the encrypted data, the attackers demand a ransom of 100 USTD, while also indicating the possibility of discounted rates for individuals unable to afford the full amount.
Emphasizing the urgency of decryption, the ransom note warns against shutting down the computer, likely to prevent any potential loss of contact or inability to fulfill the ransom demand.
SSEAR Uses Lengthy Ransom Note
The complete text of the SSEAR ransom note reads as follows:
Encryption Attack Ransomware
Notice:
What happened to my computer?
Don't worry, the data in your computer is only encrypted by me, not permanently destroyed by me, please don't try to decrypt it yourself, because this is stupid, I used DES and AES256 two encryption methods, AES256 is used to encrypt your files, DES encrypts the public key and key of AES256, so even if the god comes, it is impossible to decrypt
So what should I do to decrypt my files?
You just have to pay the ransom! The ransom is very cheap, just 100USTD, 100USTD for all your files, is it not worth it? For poor people who cannot afford to pay for more than half a year, we have activities that may be discounted! For example, 100USTD discount to 50USTD and other activities,How should I contact you? Please open your telegram,I have a channel on it and can find me
I have paid the ransom fee, and I have been given a program, how should I use it?
It's very simple, copy your two codes into that program and decrypt them one by one, note that the two codes change in real time Oh, please decrypt within 5 minutes, otherwise he will change into a brand new code!
I don't have time to decrypt the files at the moment, can I turn off the computer
Of course! Your public key and key have been stored by me, but please don't try to use the mentally retarded way of shutting down the computer to escape me, unless you don't want your files anymore.
My cybersecurity worker, your program has been suspected of breaking the law
I'm sorry, but I have already indicated when I published that this is malware and the user opens it voluntarily, the original author does not assume any responsibility (including legal responsibility), and this program is only for learning and communication
This is a business server, what should I do?
I said you have to pay a ransom of 100USTD, otherwise even God's server will not be able to decrypt the filesThat's all I left behind, if you have a ransom ready please come to me
How Can You Protect Your Data From Ransomware Like SSEAR?
Protecting your data from ransomware like SSEAR requires a multi-layered approach that focuses on prevention, detection, and response. Here are some essential steps to safeguard your data:
- Backup Your Data Regularly: Implement a robust backup strategy, keeping multiple copies of your important files on different devices or cloud storage. Regularly test the backups to ensure they are working correctly and are up-to-date.
- Keep Software Updated: Maintain all software, including the operating system, applications, and antivirus programs, up-to-date. Software updates often include security patches that address known vulnerabilities.
- Use Strong Passwords and Enable Two-Factor Authentication (2FA): Use complex, unique passwords for all accounts and enable 2FA whenever possible. This provides an additional layer of security even if your password is compromised.
- Be Cautious with Email and Links: Avoid clicking on links or downloading attachments from unknown or suspicious sources, especially in emails. Be vigilant against phishing attempts and verify the sender's authenticity before taking any action.
- Use Antivirus and Anti-Malware Software: Install reputable antivirus and anti-malware software on your devices and keep them updated to detect and block ransomware threats.
