Whoopsie Ransomware

What is Whoopsie Ransomware?

If you are seeing a message saying: “Whoopsie Do NOT close this Window! (otherwise your files are gone for ever and cant be recovered!)” you most likely came across Whoopsie Ransomware. It is a malicious threat designed for money extortion, although we doubt the cybercriminals who created it are using it for this purpose yet. As you see even though the malware’s warning may demand to pay a ransom, it does not provide the information on how to make the payment. Because of this, we believe Whoopsie Ransomware might be still unfinished and could be spread among a few victims to test it. If you are one of the unfortunate users who might have encountered it, we advise you to keep reading the text to find out more important details and then erase the threat with the instructions available below or a legitimate antimalware tool.testtest

Where does Whoopsie Ransomware come from?

Since we cannot even tell if Whoopsie Ransomware is being spread yet, it is even more difficult to say how it could be distributed. In most cases, cybercriminals who create such malicious applications spread them via fake updates, malicious bundled installers, infected email attachments, and so on. As you probably realize, defending the device from such malware might be somewhat tricky and you may need to take some extra precautions. For instance, every time you download or receive a file from unknown sources or for reasons you do not understand, our researchers at Anti-spyware-101.com would advise scanning such data with a legitimate antimalware tool you trust.

How does Whoopsie Ransomware work?

Whoopsie Ransomware should start encrypting various files that could be important to the user right after its launch as it does not need to create any data or Registry entries to settle in. It seems all of its encrypted files should have a second extension called .enc. It is supposed to appear at the end of encrypted files’ titles, e.g., picture.jpg.enc, text.txt.enc, and so on. The next malware’s move is showing a ransom note, which should be displayed on a small red window called “Whoopsie.” The warning may claim all files were encrypted with a secure cryptosystem called Advanced Encryption Standard or AES in short. It should also explain it can be decrypted only with a unique decryption key generated during the encryption process. Finally, to acquire it the ransom note might suggest paying a ransom in Bitcoins (the amount worth of 50 euros). Strangely, the Whoopsie Ransomware’s note does not say where to make the payment, which is why it is impossible to do so for now. On the other hand, we would not advise paying it even if you could because the hackers may not have the promised decryption key and might not hold on to their end of the deal.

How to erase Whoopsie Ransomware?

Provided, we believe it is safer to get rid of Whoopsie Ransomware than put up with any demands; we also offer instructions showing how to remove it manually (you will find them at the end of this text). Less experienced users who find the process to be too complicated could employ a legitimate antimalware tool and perform a full system scan. During it, the malware would be detected and to erase it the user would only need to press the provided removal button.

Eliminate Whoopsie Ransomware

  1. Press Ctrl+Alt+Delete.
  2. Select Task Manager.
  3. Search for the threat’s process.
  4. Select this process and click End Task.
  5. Leave Task Manager.
  6. Tap Windows key+E.
  7. Navigate to the following paths:
    %TEMP%
    %USERPROFILE%\desktop
    %USERPROFILE%\downloads
  8. Find the file that infected the device.
  9. Right-click the malicious file and press Delete.
  10. Locate key.txt, then right-click it and press Delete.
  11. Close File Explorer.
  12. Empty your Recycle bin.
  13. Restart the system. 100% FREE spyware scan and
    tested removal of Whoopsie Ransomware*
Disclaimer
Disclaimer

Leave a Comment

Enter the numbers in the box to the right *