SpongeBob is a character on kids TV series, yet this time it means something different – Spongebob ransomware is another Bitcoin ransomware. ‘Spongebob ransomware turns out to be pretty square’ – on point headline from cyber security researchers at Scmagazine (1). Actually this virus is labeled as Spongebob ransomware 2.0 as we have seen a previous version earlier, yet it was not that significant. However, this time it also a bit strange – this virus is either still in development mode or it’s just a joke as it can’t actually cause you significant damage or make money out of it (unless some really naive users pay the ransom for no reason).
Cyber security researchers from TheMerkle (2) noticed that since this virus is not very impressive regarding its’ technical specifications, cyber criminals tries to gain some attention from the media and cyber security community by using the name of a well known SpongeBob character.
If your computer is infected with this virus, you will notice it immediately, because a new window on your desktop will open automatically. It looks like this:
The message of the virus:
Ooops, spongebob is encrypting your files!
WHAT HAPPENED TO MY COMPUTER?
Your important files are encrypted.
Many of your documents, photos, videos, databases and other files are no longer accessible because they have been encrypted. Maybe you are busy looking for a way to recover your files, but do not waste your time. Nobody can recover files without our decryption service.
CAN I RECOVER MY FILES?
Sure. We guarantee that you can recover all your files safely and easily. But you dont have much time left. You can decrypt some of your files for free. Try now by clicking <Decrypt>.
But if you want to decrypt all your files. you need to pay.
You only have 3 days to submit the payment. AFter that the price will be doubles.
Also, if you don’t pay in 7 days, you won’t be able to recover your files forever.
We will have free events for users who are so poor that they couldn’t pay in 6 months.
As you can see, cyber criminals are trying to scare you – they insist to pay the ransom fast, otherwise the price will be doubled or you will lose the ability to recover your files at all. However, don’ do that – we have already mentioned that this ransomware virus doesn’t have the power to encrypt your files, it’s just a scam. They are willing to collect ransom payments using Bitcoin cryptocurrency since it’s more difficult to track the receiver this way.
Taking into the consideration some grammar errors and even logical breaks, it seems that the virus was designed by some amateurs and it won’t grow into anything bigger. The layout and ideas are very similar to the ones featured by Locky virus, so it might be that hackers behind Spongebob ransomware simply ripped some of the features of Locky virus and adjusted them by themselves.
Now, to solve this problem (ransomware window popping up every time you boot the system), you simply have to close the window and eliminate all files related to this infection. You can do it either manually or automatically. We can’t tell exact path to find all files related to this infection, so you will have to rely on the search function on your OS. Or, you can simply download anti-malware application, such as Spyhunter and scan your computer with it. It will detect all malicious files on your computer and remove them automatically.
Automatic Malware removal tools