Click on screenshot to zoom
Danger level 7
Type: Trojans
Common infection symptoms:
  • Slow Computer
  • System crashes
  • Normal system programs crash immediatelly
  • Connects to the internet without permission
  • Installs itself without permissions
  • Can't be uninstalled via Control Panel

Bisquilla Ransomware

Bisquilla Ransomware is a new threat that our malware research team rushed to inspect as soon as possible. The good news is that this is the first version of this malware, and it is not capable of causing great damage. Although it should be capable of encrypting files – which was found when analyzing the infection’s code – at this moment, it does not do that. Instead, it launches two separate windows that do not offer a great deal of information. Due to this, we doubt that this version of the threat will see the light of day. That being said, it is very possible that it could evolve and that new versions could become seriously dangerous. When it comes to ransomware, protecting the system is always easier than deleting malware and restoring order after a successful attack. Keep reading to learn more about the security measures you should be taking, as well as how to treat and remove Bisquilla Ransomware if it slithers in.

According to our malware research team, the malicious code of Bisquilla Ransomware was taken from the infamous Jigsaw Ransomware, but that does not mean that it was created by the same people. Cyber criminals usually rely on already-available malware codes because that helps them lift malicious infections off the ground quicker. Sometimes they fail, and sometimes they succeed. It is hard to say, at which stage the suspicious Bisquilla Ransomware was caught, but it does not look like it is spreading yet. If it were spreading, there is a good chance that misleading webpages, social media scams, and phishing emails could be employed to introduce gullible users to a concealed launcher file. The word on the street is that this file could be presented as a Google Chrome updater. However, it could also be presented as a document file, or it could be downloaded silently by some clandestine Trojan. At this point, we can only speculate how the malicious ransomware would be distributed, but we know for a fact that victims will not have much time to delete the file before the attack begins.

The code of the malicious Bisquilla Ransomware was analyzed in our internal lab, and it was found that the threat is supposed to encrypt files with these extensions: .AVI, .C, .CLASS, .CONFIG, .CPP, .CS, .CSC, .DBX, .DOC, .DOCX, .EML, .GIF, .GZ, .H, .JAR, .JAVA, .JPG, .JS, .JSON, .JSP, .MBX, .MP3, .MP4, .MPEG, .MSG, .NEF, .PDF, .PHP, .PNG, .PPT, .PPTX, .PST, .PY, .R, .RAR, .TAR, TXT, .VBS, .WAB, .XAML, .XLS, .XLSX, and .ZIPVB. During the encryption, the names of the corrupted files should be changed as well, as the “.wrk” extension should be added at the end as a marker. After encryption, a ransom note should be presented, but we have no information about that yet, and so it is possible that Bisquilla Ransomware was created to encrypt files with no other purpose but to create a mess. Obviously, that is very unlikely to be the case. Besides encrypting files, the infection also gathers information about the system. It is known that it can record the manufacturer, version, identification code, serial number, and release date of the BIOS, the model, manufacturer, signature, and heads of Disk Drive, and the model, manufacturer, name, and serial number of the Base Board. All the more reason to delete this threat.

After encryption, Bisquilla Ransomware should open a CMD window and another window with this message: “Please relax and enjoy a warm cup of tea while I encrypt your files. Do not turn off your computer, this can corrupt your files.” If the threat became more functional, it is likely that this message would be updated too, but, for now, that is all we’ve got. Basically, in its current form, the ransomware is pretty much harmless, but we cannot guarantee that things will not change. That is why it is crucial to protect ourselves. First and foremost, reliable security software must guard all of your devices because that is your first line of defense. Your second line of defense is knowledge. Now that you know that this threat exists, you need to keep your eyes open. Do not interact with strange emails, and certainly do not install random Chrome updates. Finally, BACKUP FILES! That is extremely important because if malware slithers in despite your security efforts, at least, your files will be safe. As for the removal, if you need to delete Bisquilla Ransomware, employ anti-malware software ASAP, or find a way to get rid of it manually.

Bisquilla Ransomware Removal

  1. Delete recently downloaded suspicious files. Check these locations first:
    • %USERPROFILE%\Desktop
    • %USERPROFILE%\Downloads
    • %TEMP%
  2. Empty Recycle Bin.
  3. Quickly inspect your operating system using a legitimate malware scanner.
  4. If threats are found, Delete them as soon as possible.
Download Spyware Removal Tool to Remove* Bisquilla Ransomware
  • Quick & tested solution for Bisquilla Ransomware removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.