1 of 2
Danger level 6
Type: Trojans
Common infection symptoms:
  • Slow Computer
  • System crashes
  • Normal system programs crash immediatelly
  • Connects to the internet without permission
  • Installs itself without permissions
  • Can't be uninstalled via Control Panel

HiddenBeer Ransomware

HiddenBeer Ransomware is another new threat based on the open-source ransomware known as Hidden Tear. It encrypts the user’s files with a secure encryption algorithm, which makes it impossible to open data without a particular decryption key. The malware’s creators seek getting paid as they ask for 100 US dollars in Bitcoins transferred into their account in exchange for the decryption key. What you should understand is while the hackers might promise to send it after you make the payment, in reality, there are no guarantees they will hold on to their word. Therefore, our researchers think it is safer to erase HiddenBeer Ransomware and restore data from whatever copies you may have on removable media devices, cloud storage, etc. If you do not think paying the ransom is a good plan either, we encourage you to get rid of this malicious application while following the instructions located below or with a reliable antimalware tool of your choice.

The malware seems to be spread through malicious email attachments that victims might receive with Spam. Consequently, we recommend being extra cautious when receiving suspicious emails, for example, attachments from unknown senders, files you did not expect to get, etc. If you ever doubt whether the file is harmful or not, you should scan it with a reliable antimalware tool first. Another possibility is HiddenBeer Ransomware might be spread through unsecured RDP (Remote Desktop Protocol) connections. Thus, our researchers also advise changing weak passwords, updating old or outdated software, and removing all other vulnerabilities your computer may have.

It appears the malicious application starts encrypting data right after its launch. During this process, HiddenBeer Ransomware should lock targeted files, for example, pictures, photos, various documents, and data alike with a secure encryption algorithm. As a result, the files should become unusable, and they should have the malware’s extension (.beer). For instance, a text file called chapter_1.docx would become chapter_1.docx.beer. The next malicious application’s task is to change the user’s Desktop picture and show a ransom note. As mentioned in the first paragraph, the threat’s ransom note contains a particular suggestion. To be more precise, victims are asked to pay a ransom note and in return on transferring the money HiddenBeer Ransomware’s developers promise to send the needed decryption key. If you believe what is said on the ransom note, the hackers will deliver the means to decrypt victim’s files after he pays the ransom and send an email to tr0ning@protonmail.com.

Needless to say, there are no reassurances you will get your decryption key even if you pay the sum HiddenBeer Ransomware’s developers ask for or that the decryption will work. What we are trying to explain is paying the ransom could be risky as there is a possibility you could get tricked. Provided you do not want to risk ending in such a situation, we would recommend against dealing with hackers. As said earlier, we believe it would be safer to eliminate the threat and restore locked files by replacing them with backup copies you might have somewhere. There are two ways to remove the malicious application. The first one is to erase all data associated or created by it manually from the infected computer. Since the task could be somewhat challenging, we have prepared deletion instructions placed a bit below this paragraph.

The other way to get rid of HiddenBeer Ransomware is to scan the system with a reliable antimalware tool of your choice. After the scan, you should see a list of detections, including the discussed malicious application. Pressing the given removal button should be enough to eliminate all detections at once. If you still need any help or want to ask anything else about the malware do not forget you can place a message for us at the end of this page.

Remove HiddenBeer Ransomware

  1. Press Ctrl+Alt+Delete.
  2. Choose Task Manager.
  3. Find the malware process, select it and click End Task.
  4. Exit the Task Manager.
  5. Press Win+E.
  6. Check these locations:
    %TEMP%
    %USERPROFILE%\desktop
    %USERPROFILE%\downloads
  7. Look for the threat’s installer, then right-click it and press Delete.
  8. Go to your desktop folder again.
  9. Find files called @FILE-DECRYPTER.exe and @FILES-HELP-.txt
  10. Right-click such data and press Delete.
  11. Navigate to %HOMEDRIVE%\user
  12. Right-click files titled @Chromium.exe and Chrome.jpg and select Delete.
  13. Close File Explorer.
  14. Empty Recycle Bin.
  15. Reboot the computer.
Download Spyware Removal Tool to Remove* HiddenBeer Ransomware
  • Quick & tested solution for HiddenBeer Ransomware removal.
  • 100% Free Scan for Windows
disclaimer
Disclaimer

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.