What is Redants Ransomware?
Malicious software analysts at Anti-spyware-101.com have recently tested a ransomware called Redants Ransomware. It is a highly malicious computer infection that you ought to remove because it can encrypt your files with an advanced encryption algorithm and then drop a text file that might be a ransom note. However, it appears that this program is still in development, so some of it is incomplete, and the other half is semi-functional. Still, its full version might soon come out, and it is important for everyone to know what they are dealing with. The test version was distributed at some point, so if your PC has become infected with it, then we invite you to read this whole article.
Where does Redants Ransomware come from?
Evidently, Redants Ransomware was created by cyber criminals that have dedicated this application to performing malicious actions. Researchers say that this particular program has some similarities with Hidden-Tear. Previously, Hidden-Tear was used for the creation of CryptoKill Ransomware and Korean Ransomware, and it seems that Redants Ransomware the newest attempt. However, this particular ransomware has no connection to the aforementioned ransomware as far as the developers are concerned. Now let us take a look at how this ransomware might be distributed.
Unfortunately, there is not a lot of information about how this ransomware is distributed. However, looking at the way Hidden-Tear and the programs similar to it were distributed, we believe that Redants Ransomware should be distributed through malicious emails. The emails are typically disguised so that the potential victim would not notice. The malicious files should be zipped, and its name might be random as well. It does not have a dropper file, so the file you launch is this ransomware’s main executable.
What does Redants Ransomware do?
If you are unfortunate to launch this ransomware, then it will start scanning your computer for files of interest and then start encrypting them. Our malware analysts say that it uses the AES encryption algorithm and creates a public encryption and private decryption keys. The ransomware send the decryption key should send the decryption key to the command and control server as it does connect to the Internet. While encrypting your files, Redants Ransomware will append them with the ".Horas-Bah" file extension and then drop a text file on the desktop called "READ_ME.txt" once the encryption is done. However, the text file has only three lines of text that are “Test Ransom,” “123123,” and “my email jaw@jaw.id.” This file should be the future ransom note, but since it is at its test stage, there is no information about how and how much you should pay. Regardless, you should not comply with cyber criminals, so we suggest that you delete this ransomware.
How do I remove Redants Ransomware?
Redants Ransomware is a highly dangerous application that can render you personal files useless. Its developers want to extract money from you, but we suggest that you remove this malicious program instead. Our malware analysts have made a guide that will hopefully help you delete this infection manually. However, if you experience difficulties, we suggest using an anti-malware program such as SpyHunter to eradicate it for you.
How to delete Redants Ransomware
- Locate the malicious executable (look in Downloads folder, desktop).
- Right-click it and click Delete.
- Delete READ_ME.txt from the desktop.
- Empty the Recycle Bin.
tested removal of Redants Ransomware*
0 Comments.