Skip to main content

“Yes we ran(somware)” - Obama malware encrypts .exe files

Published on: 6 Sep 2018

A strange new piece of ransomware virus centres around former US president Barack Obama.

First spotted by the MalwareHunterTeam, the ‘Barack Obama's Everlasting Blue Blackmail Virus Ransomware’ only encrypts .exe files on a computer before displaying an image of President Obama asking for a ‘tip’ to decrypt the files, reports SCMagazineUK.com.

Once executed, the malware goes on to terminate antivirus software such as Kaspersky, McAfee and Rising Antivirus before scanning the computer for .exe files to encrypt.

Additionally, the ransomware modifies the registry keys associated with .exe files to display a new icon and run the virus every time an executable is launched as part of the encryption process.

It currently remains unclear who is responsible for the malware or if its distributors have any intention of providing decryption keys if victims pay up.

This isn’t the first time an American president has been the theme of ransomware. Before the 2016 election, cyber criminals created a Donald Trump ransomware, but it was still in development and contained built-in decryption.