Ransomware GoodWill Detected in India, Makes Victims Donate to Fake Causes


Ransomware GoodWill Detected in India

Without the decryption key, the GoodWill ransomware worm encrypts documents, images, movies, databases, and crucial files, rendering them unusable.

A new ransomware has been discovered in India that requires victims to provide new clothes to the destitute, feed children at branded pizza restaurants, and provide financial assistance to anyone who requires immediate medical attention but cannot afford it.
The Goodwill ransomware, according to the organisation, might cause a temporary and possibly permanent loss of company data, as well as a probable closure of operations and income loss.

“CloudSEK researchers discovered the GoodWill malware in March 2022.
The operators of the threat organisation, as the name implies, are reportedly motivated by social justice rather than conventional financial gain “In a report, stated.

The GoodWill ransomware worm encrypts documents, images, movies, databases, and other vital assets and renders them inaccessible without the decryption key once it has been infected.

“In exchange for the decryption key, the actors suggest that victims perform three socially motivated activities: donate new clothes to the homeless, record the action, and post it on social media; take five less fortunate children to Domino’s Pizza Hut or KFC for a treat, take pictures and videos, and post them on social media; and provide financial assistance to anyone who requires urgent medical attention but cannot afford it, at a nearby hospital, record audio, and share it with others.”

After completing all three acts, the ransomware requests that victims post a note on social media (Facebook or Instagram) explaining “how you turned yourself into a good human being by becoming a victim of a ransomware called GoodWill.”
The ransomware operators verify the victim’s media files and social media posts after they complete all three tasks.

According to the article, the actor will then distribute the entire decryption kit, which includes the main decryption tool, a password file, and a video lesson on how to retrieve all crucial files.

The email address provided by the ransomware gang was traced back to an India-based IT security solutions & services company that provides end-to-end managed security services, according to the study.

0 0 votes
Article Rating
Notify of
Inline Feedbacks
View all comments

Latest news

Vivo Y01A Spotted On BIS Certification Website; Expected To Launch In India Soon

The Vivo Y01A is anticipated to go on sale in India for less than Rs. 10,000. According to a report,...

Samsung Galaxy XCover6 Pro With 5G, Wi-Fi 6E Compatibility Unveiled, To Go On Sale Starting July

The 6.6-inch PLS LCD screen on the Samsung Galaxy XCover6 Pro has FHD+ resolution and a 120Hz refresh rate. The...

Ambrane Stylo Max Power Bank With 50,000mAh Battery Capacity Launched In India

Ambrane's first-ever power bank, the Stylo Max, was introduced. In India, Ambrane debuted the Stylo Max 50,000mAh power bank.According to...

Samsung To Launch A New Galaxy M-Series Smartphone In India On July 5

On July 5, at 12:00 IST, a new Samsung Galaxy M-series smartphone will be unveiled. On July 5, Samsung is...

Latest Updates

Must read

Watch a swarm of drones autonomously track a human through a dense forest

I hear the swarm a comin’, it’s buzzing round...

“Bartending Only Meant for Humans?” Proven wrong By ROBO-Bartender

Robo-Bartender in South Korea helps in Making the Best...

You might also likeRELATED
Recommended to you

Would love your thoughts, please comment.x