BadNews Ransomware is a malicious application that marks each encrypted file with .badnews extension. As the research shows, the threat might encrypt most of the user’s private files on the computer, e.g. pictures, photos, videos, documents, and other valuable files. However, even though infecting the computer with this malware may seem like the end of the world, still there could be some hope. Apparently, the threat is most likely based on an open source malicious application called HiddenTear. As our researchers explain, since this ransomware has a decryption tool, BadNews Ransomware might be decryptable as well. Thus, if you received this malware, we would advise you not to panic and read the rest of the article to learn more important details. At the end of the text, we will place instructions showing how to get rid of the infection manually too.
Currently, our specialists are still trying to figure out how this malware is being distributed, so at the moment we can only suggest a few possible distribution ways based on our experience with other similar threats. Probably, the most popular way to spread malicious applications like BadNews Ransomware is to send an infected file via email. If the user is not cautious enough he might open the file instantly and so infect his system without even realizing it. If you would like to avoid such situations, we would advise you to acquire reliable antimalware software that could guard the system against malware. Also, you could use it to scan suspicious files sent via email. The process should not much time, and you would instantly know if the file is malicious or not.
Once you launch BadNews Ransomware’s malicious file, it should start working right from the directory where you have downloaded it. In other words, the infection should not place more data or create any new folders on the computer. Instead, it may immediately start the encryption process. During it the threat should lock all targeted files, so by the time the encryption process is over you might be unable to open your private data. Then the malware should create and launch a file called “how to recover encrypted files.” It contains a message from the BadNews Ransomware’s developers. As usual, users are asked to pay a ransom in exchange of a decryption tool. Since there are no guarantees the decryption tool will be delivered, we would advise you not to risk losing your money, especially when there is a chance you could find a free decryptor on the Internet.
For those of you who do not want to risk their money, we would recommend eliminating the infection instead of paying the ransom. If you think you can manage to erase it manually, you should slide below the text and have a look at the available instructions. Of course, they might look too complicated for inexperienced users. Therefore, in such cases, our specialists recommend using a legitimate antimalware tool. With it, you could scan the computer and locate not only BadNews Ransomware but also other threats that might be on the system. Plus, this way you would acquire a reliable tool that could help you secure the computer and protect it from various threats in the future.