Ransomware GoodWill Detected in India, Makes Victims Donate to Fake Causes


Ransomware GoodWill Detected in India

Without the decryption key, the GoodWill ransomware worm encrypts documents, images, movies, databases, and crucial files, rendering them unusable.

A new ransomware has been discovered in India that requires victims to provide new clothes to the destitute, feed children at branded pizza restaurants, and provide financial assistance to anyone who requires immediate medical attention but cannot afford it.
The Goodwill ransomware, according to the organisation, might cause a temporary and possibly permanent loss of company data, as well as a probable closure of operations and income loss.

“CloudSEK researchers discovered the GoodWill malware in March 2022.
The operators of the threat organisation, as the name implies, are reportedly motivated by social justice rather than conventional financial gain “In a report, stated.

The GoodWill ransomware worm encrypts documents, images, movies, databases, and other vital assets and renders them inaccessible without the decryption key once it has been infected.

“In exchange for the decryption key, the actors suggest that victims perform three socially motivated activities: donate new clothes to the homeless, record the action, and post it on social media; take five less fortunate children to Domino’s Pizza Hut or KFC for a treat, take pictures and videos, and post them on social media; and provide financial assistance to anyone who requires urgent medical attention but cannot afford it, at a nearby hospital, record audio, and share it with others.”

After completing all three acts, the ransomware requests that victims post a note on social media (Facebook or Instagram) explaining “how you turned yourself into a good human being by becoming a victim of a ransomware called GoodWill.”
The ransomware operators verify the victim’s media files and social media posts after they complete all three tasks.

According to the article, the actor will then distribute the entire decryption kit, which includes the main decryption tool, a password file, and a video lesson on how to retrieve all crucial files.

The email address provided by the ransomware gang was traced back to an India-based IT security solutions & services company that provides end-to-end managed security services, according to the study.

0 0 votes
Article Rating
Notify of

Inline Feedbacks
View all comments

Latest news


Table of Contents1. Make use of keyboard shortcuts2. A universe of widgets and integrations3. Use technology to defeat technology4....

10 Best Backpacking and Camping gadgets 2024

Table of Contents10 Best Backpacking and Camping gadgets1. Living Lodge at Snow Peak M2. Camper JISULIFE Fan3. NOMAD Smoker...

20 Cool Smart home Gadgets on Amazon 2024, trend this year!

Table of Contents20 Cool Smart home Gadgets on Amazon1. Twelve South AirFly Pro Bluetooth Wireless Audio Transmitter/Receiver:2. PhoneSoap Dual...

Top 10 gadgets to buy under Rs.1000

Table of ContentsTop 10 gadgets to buy under Rs.1000 on Amazon India1. pTron Bullet Pro 36W PD Quick Charge2....

Latest Updates

Must read

Crypto exchange FTX is getting into stock trading

It will first be available to a small number...

New YTStealer Malware Steals Accounts From YouTube Creators

YouTube video producers are the target of a new...

You might also likeRELATED
Recommended to you

Would love your thoughts, please comment.x