Barack Obama ransomware only encrypts .exe files

News by Robert Abel

Former President Barack Obama may have blown through his US$ 65 million (£51 million) book deal and has resorted to blackmailing unsuspecting internet users in ransomware attacks judging by the name of a recent ransomware.

Former President Barack Obama may have blown through his US$ 65 million (£51 million) book deal and has resorted to blackmailing unsuspecting internet users in ransomware attacks judging by the name of a recent ransomware.

The oddly named "Barack Obama's Everlasting Blue Blackmail Virus Ransomware" was first spotted by the MalwareHunterTeam and was noted for only encrypting .exe files on a computer before displaying an image of President Obama asking for a "tip" to decrypt the files.

Once executed, the malware inspires change by terminating the processes associated with antivirus software including Kaspersky, McAfee, and Rising Antivirus before it scans the computer for .exe files to encrypt, according to Bleeping Computer.

The ransomware also modifies the Registry keys associated with .exe files so that they use a new icon and run the virus every time someone launches an executable as part of the encryption process.

It's currently unknown who is behind the malware or if its distributors have any intention of providing decryption keys if paid as victims can only hope researchers develop a decryption key soon. Before the 2016 election, cyber-criminals in a similar fashion, created a Donald Trump Ransomware but their version was still in development and contained built-in decryption.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews