WhiteRose ransomware: symptoms and decryption possibilities

Posted on by paulo

Ransomware viruses are not a new threat in the cyber world. New variants are being released every day, and this specific WhiteRose version has been active since the end of March, 2018. Despite its short-term success, security researchers have already figured out a way to help victims of this infection. You can tell that this variant has invaded your computer from the extension, appended to the locked digital files: .WHITEROSE.

According to security specialists, this is ransomware belongs to the family of InfiniteTear infections and uses Remote Desktop services for distribution. Gathered evidence also reveals that WhiteRose virus targets countries from Europe. Therefore, people from countries like Spain, Germany, Poland and etc might have become victims of this devastating ransomware infection.

WhiteRose ransomware

From the first glance, WhiteRose virus might seem like an ordinary ransomware infection. However, the creators of this cyber threat have a poetic side of them. Victims and researchers are confused over the content of the WhiteRose’s ransom note. It contains sentences like:

“This time, I will plant all the white roses of the garden to bring a different gift for the people of each country. No matter where is my garden and where I am from, no matter if you are a housekeeper or a big company, it does not matter if you are the west of the world or its east, it is important the white roses are endless and infinite”.

This is definitely not a standard text for hackers to include into their ransom demands.

After entering a computer, the WhiteRose virus will create a Perfect.sys file in the C disk. Upon this addition, the ransomware will look for files that are fit to be encrypted. Researchers suggest that the virus is capable of encrypting dozens of different file types.

Therefore, users’ documents, photos, videos and other system files are in huge danger. However, there are some folders that the virus won’t touch, like the trash and Windows folders. In the ransom note of this ransomware, victims will also notice a huge rose, made out of symbols. Luckily, Michael Gillespie has managed to find a way to help the victims of this WhiteRose ransomware. People who have become infected should contact this researcher and ask for help.

Leave a Reply

Your email address will not be published. Required fields are marked *

* Copy This Password *

* Type Or Paste Password Here *