Skip to main content

Home Pseudoransomware


Pseudoransomware definition

Pseudoransomware refers to a type of malware that mimics the behavior of ransomware, a virus that encrypts the data on the device and demands a ransom to give it back. However, pseudoransomware doesn't actually encrypt the user's files. It only claims to have encrypted the user's files and demands a ransom, relying on users’ fear and panic induced by the ransom message to trick users into paying.

Pseudoransomware might be easier and quicker to develop and deploy than true ransomware, as it doesn't require complex encryption algorithms. It can also be effective against less tech-savvy users who might not realize their files haven't actually been encrypted.

See also: netwalker ransomware, ryu ransomware, cerber ransomware

How to recognize pseudoransomware

Scammers often use confusion and panic of their victims in their attacks and pseudoransomware is no different. Here’s are the signs that the attack is fake:

  • File access. If you can still access and open your files, they have not been encrypted, and it's likely that you're dealing with pseudoransomware. True ransomware would make files inaccessible without the decryption key.
  • File extensions. Real ransomware often changes the extensions of your files when it encrypts them. If your file extensions remain the same (.exe, .docx, .pdf), it’s probably not real ransomware.
  • System performance. Most types of malware require significant system and network resources causing your computer to slow down. If you haven’t noticed any changes in system performance, the attack may be fake.