Eoeo ransomware is a file-locking virus that encrypts data twice

At the second week of September 2018, on 06 September, team of security analysts have discovered a new ransomware named Eoeo ransomware. The name of this ransomware is named by its developer after the Korean boyband’s (UNIQ) song. Some of the malware researchers have revealed that it primarily targeted the Asian region users but in reality, it is capable for targeting whole world. Similar to traditional ransomware, it also locks users content and demands for ransom fee. But what makes it differ from other ransomware, you will know in this post.

An Overview on Eoeo ransomware

Eoeo ransomware is another most dangerous cryptovirus created by the group of cyber hackers to take hostage of users files after making them inaccessible and then after demands users for virtual ransom in order to decrypt their files. The proliferation method and notorious behavior of such a ransomware is similar to traditional one. It is also capable to target almost all System based on Windows Operating System.

Points That Makes Eoeo ransomware Differ From Another Ransomware

If you really want to know about the most notable feature of Eoeo ransomware then you must know about it’s extension, encryption method and ransom note. This ransomware typically uses .eoeo file extension to target users files. It uses symmetrical AES encipher algorithm to target users generated content and almost all System file types including audio or video files, documents, PDFs, databases, spreadsheets, excels and many more. This ransomware is written in the AutoIt language.

After the depth analysis by researchers, they revealed a very surprising feature of Eoeo ransomware. They revealed that Eoeo ransomware is capable to lock users file for several time including 8 and many more. It makes the targeted data end up with the repetitive and long name. The another most notable thing about this ransomware is its empty ransom note.

After performing the encryption, it’s developer has dropped several ransom text files dubbed as Readme.lol file extension in several directories but none of them had written anything. Since it it informed victim about the current situation of PC, asks to require ransom payment and make contact to its developers. But the missing part makes users unable to pay ransom fee.

Ways Through Which Eoeo ransomware Infects PC

As it is mentioned in the above paragraph that Eoeo ransomware uses the AutoIt language, a freeware automation language used in Windows PC to create free macros. The developers of such a ransomware often inserted the free macros into MS Word documents. Spam emails includes such a macro-enabled MS documents. These emails includes short body message that tries to convince recipient to download and open the spam email. Once the System user open such a bogus file, there System is automatically gets infected by Eoeo ransomware.

Leave a Comment

Your email address will not be published. Required fields are marked *