The ransomware known as Shade has traditionally been targeted at Russia, but is now being seen targeting the US and other nations. Shade has been around since 2014 and researchers found that the coding is very similar to the original. The US, Japan, India, Canada, and Thailand appear to be the newly targeted countries which indicates that Russian users have developed patches to easily fix the virus. Now cybercriminals must expand their operations to try to generate new revenue streams. The Shade ransomware is distributed through spam emails that have a link to an attachment which is disguised as a bill of some sort. Once the attachment is clicked, the ransomware executes and begins to encrypt the user’s files. The ransomware then creates a new home screen that displays the ransom note and an email address that the user must contact to pay the ransom.
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is