Bitcoin Ransomware Education – Mole

Using an older version of ransomware source code to develop a somewhat more powerful strain is nothing new in the world of cybercrime. In fact, most types of ransomware are clones of other families, with a few different twists and features. Mole ransomware is one of the newer strains researchers have discovered, even though it is a clear “copy” of CryptoMix. That doesn’t make it less dangerous, though.

Mole Ransomware Can Become A Big Problem

Security researchers were quick to point out that, while Mole may appear to be a new ransomware type, it really isn’t. To be more specific, they found that it shares a lot of similarities with CryptoMix ransomware types, including Revenge and CryptoShield. That being said, every clone of the original has added some new features, and Mole is no different in this regard.

As we have grown accustomed to these days, Mole ransomware is distributed through massive spam email campaigns. All of these emails pertain to alleged shipping notifications, although customers have probably never ordered anything that would be shipped through USPS. Then again, the email looks somewhat convincing, since it pertains to a delivery regarding a specific parcel. Once the recipient tracks the parcel number through the regular website, however, nothing will show up.

The email itself contains a hyperlink for users to click, which will trigger the ransomware payload distribution. Users are redirected to a fake Word document displaying an unreadable file which requires a specific plugin to be translated properly. Installing the plugin effectively results in installing the Mole ransomware on the target computer. Rest assured there will be some people who fall for these scams regardless of how obviously fake the whole ordeal is.

Once the Mole ransomware is installed on the computer, it will immediately start the file encryption process. In fact, it is quite creative in this regard, as users will first see a fake alert on the desktop. Once the user clicks “OK” the ransomware itself will receive administrator privileges. That situation needs to be avoided at all costs, as it will only make the infection even more potent.

Speaking of file encryption, Mole uses AES-256 encryption to go about its business. Moreover, the file encryption key is encrypted with this AES-1024 public encryption as well. As one would expect from malicious software these days, Mole has no plans to let victims off the hook easily. All Windows Shadow Volume Copies will be deleted and Windows startup recovery will be disabled automatically. This means recovering data from a previous backup will be virtually impossible, assuming the ransomware has been granted administrator privileges.
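As an added example (not part of the original article and not taken from any Mole analysis), the following Python detection logic flags the shadow-copy deletion and startup-recovery changes described above in process-creation command lines. The patterns cover stock Windows utilities commonly abused for this; the article does not say which commands Mole itself runs, and the field names, host names and sample events are constructed.

```python
import re
from collections import defaultdict

# Command-line patterns for Windows recovery inhibition. Assumption: these are
# the stock utilities commonly abused; the article does not name Mole's commands.
RULES = {
    "shadow_copy_delete": re.compile(
        r"\b(vssadmin(\.exe)?\"?\s+delete\s+shadows|wmic(\.exe)?\"?\s+shadowcopy\s+delete)\b",
        re.I),
    "startup_recovery_off": re.compile(
        r"\bbcdedit(\.exe)?\"?\s.*\b(recoveryenabled\s+no|bootstatuspolicy\s+ignoreallfailures)\b",
        re.I),
}

def classify(cmd):
    """Return the sorted rule names whose pattern matches one command line."""
    return sorted(name for name, rx in RULES.items() if rx.search(cmd))

def scan(events):
    """Group hits per host; a host that trips every rule is rated 'high'."""
    hits = defaultdict(set)
    for ev in events:
        for name in classify(ev["cmd"]):
            hits[ev["host"]].add(name)
    return {host: ("high" if len(tags) == len(RULES) else "medium", sorted(tags))
            for host, tags in hits.items()}

# Constructed process-creation events (hypothetical hosts, not real incident data).
SAMPLE = [
    {"host": "ws-014", "cmd": r'"C:\Windows\System32\vssadmin.exe" Delete Shadows /All /Quiet'},
    {"host": "ws-014", "cmd": "bcdedit /set {default} recoveryenabled No"},
    {"host": "ws-014", "cmd": "bcdedit /set {default} bootstatuspolicy ignoreallfailures"},
    {"host": "srv-02", "cmd": "vssadmin list shadows"},                       # benign inventory
    {"host": "srv-02", "cmd": "bcdedit /set {default} recoveryenabled Yes"},  # benign re-enable
    {"host": "ws-031", "cmd": "cmd.exe /c wmic  shadowcopy   delete"},
]

if __name__ == "__main__":
    for host, (severity, tags) in sorted(scan(SAMPLE).items()):
        print(f"{host}: {severity} {tags}")
```

Backup software and administrators occasionally run these utilities legitimately, so hits are best reviewed alongside the parent process and the user account.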

The ransom note forces users to contact the Mole developers with their unique decryption ID. Payment instructions will be delivered at a later date, and it appears as if the requested ransom is randomly determined for every individual victim. It remains to be seen if security researchers can come up with a convenient solution to get rid of Mole ransomware, but for now, there is no way to get rid of this malicious software without taking a data loss or paying the ransom in bitcoin.


JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.
