Blackware Ransomware

What is Blackware Ransomware?

A message saying “Attention user!  Your computer has been locked by Blackware Ransomware Version 1.0,” can only mean you have encountered a threat called Blackware Ransomware. It locks the user’s screen and shows a warning that besides the already mentioned statement claims the user has to pay 0.057 Us dollars to regain his valuable data. Such a sum is extremely tiny compared to prices usually asked by cybercriminals, and the account for transferring the money appears to be fake. Therefore, we believe this malware might be still in development. If you continue reading our article, we will tell you more about it, including where it could come from and how it works. Also, users who wish to erase Blackware Ransomware manually can find manual deletion instructions prepared by our specialists at the end of this text.

Where does Blackware Ransomware come from?

Most ransomware applications come with malicious email attachments or files downloaded from unreliable web pages. In other words, victims of Blackware Ransomware might have only themselves to blame for not being cautious enough with suspicious data from the Internet. If you do not wish to launch malicious applications accidentally in the future, we advise downloading software or any other content only from legitimate websites. Plus, it would be a good idea not to open email attachments if they come from unknown senders, with Spam, or arrive with messages raising suspicion.

How does Blackware Ransomware work?

Blackware Ransomware does not encrypt any files located on the computer like other similar infections. It should lock the user’s screen right after its launch. Our researchers at Anti-spyware-101.com say malware does it by displaying a borderless window on top of the victim’s screen. There is no way to close it except by entering the right password into the threat’s window. Luckily, we found the password (RanS0MKeYY23SjLRiOwnEr) while inspecting the malicious application’s file, and after inserting it, the computer got unlocked. If you enter anything, but the mentioned passcode the malware should display a message saying “Incorrect password.”

As said earlier the warning on the infection’s window displays a fake Bitcoin wallet address. Just take a closer look and instead of random letters and numbers you should be able to read “Fake Bitcoin Address for ransomware.” Naturally, if the threat ever gets updated the hackers should provide an existing account. Also, the ransom would be most likely more significant as well. Another thing we would like to mention before talking about Blackware Ransomware’s deletion is why you should do so. Our researchers learned the malicious application creates a specific Registry entry that might make the system launch the threat after each restart, which means if you do not remove it, it could lock your screen all over again.

How to erase Blackware Ransomware?

It is possible to remove Blackware Ransomware manually, and the instructions available below this paragraph will explain the process in detail. However the task could be difficult for less experienced users, and if you do not think you can handle it, we recommend employing a legitimate antimalware tool instead.

Eliminate Blackware Ransomware

1. Unlock the screen by inserting RanS0MKeYY23SjLRiOwnErinto the provided box.
2. Click Ctrl+Alt+Delete.
3. Pick Task Manager and select Processes.
4. Check if the threat has a running process.
5. Select it and click End Task.
6. Exit Task Manager.
7. Click Windows key+E.
8. Locate these paths:
   %TEMP%
   %USERPROFILE%\Downloads
   %USERPROFILE%\Desktop
9. Locate the malicious application’s launcher.
10. Right-click it and select Delete.
11. Exit File Explorer.
12. Press Windows key+R.
13. Insert Regedit and click Enter.
14. Locate the given directory: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
15. Identify a value name dropped by the threat, for example, Blackware.
16. Right-click this value name and press Delete.
17. Exit Registry Editor.
18. Empty your Recycle Bin.
19. Restart the computer. Download Removal Tool100% FREE spyware scan and
    tested removal of Blackware Ransomware*