The ransomware known as Noob is kind of the laughing stock of the ransomware world. The virus was first spotted in mid-2016. Noob looks like a joke ransomware, as it often taunts victims for imputing wrong passwords. The virus’s protection is pretty easy to crack, as the Noob developers use the same key for all locked PCs.
A New Noob Awakens!
This new version of Noob seems pretty much the same as the old one. It uses the same key “lsakhBVLIKAHg.” If the user punches in a different passwords like “123″, the Noob virus will insult him for not paying the ransom. Like most ransomware viruses, Noob searches for particular files to encrypt. The virus hunts down the following types:
txt,doc,dot, docx, docm, dotx, ico ,m3u,m4u,mid, mpa,wma, ra, avi,mp4,3gp, mov, 3g2,asf, asx, flv, wmv, vob, m3u8,
accdb, db, dbf, mdb, pdb, sql,jpg,jpeg,raw,tif,gif,png,bmp,, dotm,docb,wpd, pdf,xls, xlt, xlm, xlsx, xltx, xltm, xlsb, cdx, xla,xlam,xll,xlw,ppt,pot,pps, pptx, pptm,potx,potm, wav, ppam,ppsx,ppsm,sldx, sldm, mp3,aif,iff
Noob then tweaks a few windows registry keys so the virus can start along with the PC. The virus will lock the victim’s screen and display this message:
“Your personal files is are encrypted!
Made in R0MANIA
Your documents, photos, databases and other important files have been encrypted with strongest encryption and unique key, generated for this computer.
Private decryption key is stored on a secret Internet server and nobody can decrypt your files until you pay and obtain the private key.
You have 48 hours to pay 250 NZD in Bitcoins to get the decryption key.
Every 2 hours files will be deleted.Increasing in amount every time frame.
If you do not send money within provided (deadline time) your files will be permanently crypted and no one will be able to recover them.
Time left until your files will be DELETED! – Don’t try to trick us.
Send approximately 250NZD to this BTC Address I have paid, check.
$50
1JrYNuMaE4VXKrod2gA9keBo6nzPvtaoZ6
In order to pay use a Phone or a Laptop!
Information CHECK”
A Picture of the Ransomware Note Courtesy of Jakub Kroustek:
The Noob Ransomware Virus – Is It A Joke?
Some may find it ironic that a virus that insults its victims for being “noobs” will also make such a rookie mistake in its infection method. However, it’s possible that the name is some kind of a sick joke. However, it’s possible that the whole ransomware is made for people who aren’t capable of finding enough information to crack the virus by themselves. Most people would consider then “noobs” because the key to the ransomware is widely available on the internet.
The key of the new version of Noob is the same as in the old version “lsakhBVLIKAHg.” The ransom note is a bit different, but there aren’t any major changes. Users will likely continue to get infected and even to pay the ransom. It’s a sad reality, but the intention of the Noob developer was likely to prove that there are a lot of such “Noobs” in the world. There’s an old saying that there’s a sucker born every minute. However, that doesn’t mean that these people deserve to be scammed.
Noob isn’t the only humorous ransomware virus around. Hitler ransomware was another, somewhat sloppy ransomware virus that didn’t even encrypt files. It just locked the screen of the infected PC.