Jigsaw Ransomware: Pay $150 in bitcoin with live support or get files deleted


Reading time: 10 minutes

jigsaw ransomware

Jigsaw Ransomware which targets Microsoft Windows first appeared in 2016. The ransomware is named after an iconic character that appears in the ransom note. The ransomware is desgined to spread through malicious attachments in spam emails. The ransomware was first disclosed in 2016 and targets Microsoft Windows. It not only encrypts the user's files but also deletes them if the user takes too long to make the ransom payment of $150.

It was initially named BitcoinBlackmailer. The unique part is that it provided live support to help victims get bitcoin.

Method For Spreading and its After effects


The Ransomware spreads through spam emails inside the malicious attachments.

After the user clicks on the malicious attachment, the malware gets activated and it encrypts all user files and master boot record. After which the ransomware starts demanding bitcoin in exchange for decrypting the files. If the amount is not paid the number of files is deleted and significantly increased each time, from a few documents to thousands of documents until the computer is wiped completely after 72 hours.

Mitigation For The Ransomware


  • A decryptor is available for free of cost for the ransomware. Update the firewall and applications from time to time to patch old bugs.
  • Always keep the backup of the data in case if the data is deleted in a Ransomware attack.

MCQ

Question 1

When was The Jigsaw ransomware first seen?

2016
2017
2015
2018

Question 2

The Ransomware spreads through which medium?

Spam Emails
DDoS
Botnet
Cloud