SnowPicnic Ransomware

What is SnowPicnic Ransomware?

Anti-Spyware-101.com research team is warning about SnowPicnic Ransomware, which could potentially work as a file-encrypting, ransom-demanding threat. At this time, this “ransomware” is not functional, and there is a possibility that it will never see the light of day, so to speak. That being said, we simply cannot guarantee that this malware will never be used for its intended purpose, and that is why we are reporting it right away. Without a doubt, NOW is the time to secure your system and prepare for a potential ransomware attack. Since there are, literally, hundreds of other file-encryptors that can attack you today, you really need to take action. If you continue reading, you will learn how to take care of your system, as well as how to remove ransomware if it manages to slither in. We also talk about deleting SnowPicnic Ransomware. First, scan your operating system to check if you are not currently battling malware that requires attention. If your system is clear, focus on protecting it.

How does SnowPicnic Ransomware work?

SnowPicnic Ransomware might have been created as a “joke” infection, or it could have been created by cyber criminals testing different variants of ransomware. It also could be in development stages, and we might see it fully formed in the near future. The samples that our Anti-Spyware-101.com research team tested did not encrypt files or make clear ransom demands, but the potential is there. The infection is built using the well-known Hidden Tear source code, and it has been successfully used by the creators of EnybenyCrypt Ransomware, SymmyWare Ransomware, ShutUpAndDance Ransomware, and many other known infections. They all require removal. Our research team has also managed to find out that the threat was specifically created by the same attackers who created Scrabber Ransomware. It is worth mentioning that this malware was not functional at the time of research as well. Unfortunately, both of these threats are like ticking bombs that could go off at any point. This is why we are discussing them and their removal.

After successful execution, SnowPicnic Ransomware is meant to encrypt files and add “.snowpicnic” to all of their names. The threat is designed to target over 140 different files, including JPG, DOC, and PDF. Basically, the threat is meant to encrypt personal files, which is why it is not surprising that it is also programmed to avoid system files in such directories as %PROGRAMFILES%, %PROGRAMFILES(x86)%, or %WINDIR%. After the encryption of files, SnowPicnic Ransomware is meant to create “Read.TXT” and “Read.HTML” files, both of which should inform the victim about the encryption and demand a ransom payment. At the moment, however, the threat demands this: “And for decrypt: Buy to my wallet 0 bitcoins, not 0.5, not 1, not 2, 0 bitcoins!” This is why it is also dubbed “0BtcRansoware.” Could the ransom note change? It absolutely could, and so we must take this infection seriously. Even if users around the world might not need to worry about removing it now, who knows what tomorrow might bring?

How to delete SnowPicnic Ransomware

Do you need to remove SnowPicnic Ransomware from your operating system? Even if that is not the case, you must not forget that there are hundreds and thousands of other file-encryptors that are fully functional and that can cause big problems. Once ransomware invades and encrypts files, they cannot be decrypted, and so the first thing you should do is set up a reliable backup. We suggest using online cloud services or external drives to back up files. If they are backed up, you will not need to worry about the originals being corrupted or deleted. Second, you need to secure your operating system. That is your first line of defense. We suggest installing anti-malware software. It also can be used for the removal of other existing threats. Finally, you need to remember to be cautious. If you open random email attachments, click on strange links, visit unreliable websites, and do other risky things, it might be a matter of time only before malware attacks.

Removal Guide

1. Find and Delete all recently downloaded files.
2. Find and Delete all copies of the ransom note files READ.txt and READ.html.
3. Empty Recycle Bin to eliminate these malicious components.
4. Install and run a legitimate malware scanner to check for threats you might have overlooked. Download Removal Tool100% FREE spyware scan and
   tested removal of SnowPicnic Ransomware*