Ransomware attackers have a “Mercy” option on new Philadelphia ransomware…
A new version of Stampado, Philadelphia, has been released and is for sale as ransomware as a service (RaaS). The difference with this particular ransomware, is the interface provides the attackers with a “Mercy” option. So if they so choose, they could show mercy on particular ransomware victims and decrypt the files without receiving payment.
It is not realistic to assume this “Mercy” button will be utilized that frequently, otherwise it is safe to assume people would stop paying and expect mercy. Another deterrent for victims to pay is, the probability of a decryption key already being available. According to BleepingComputer, there has likely been a free decryption key found for this new found ransomware.
It is believed the ransomware is being distributed through phishing attacks. The ransom demanded is not known at this time; however, it was reported that after infection a timer starts. If a payment is not received prior to time expiring, files will be deleted.
Again, instead of rushing to make the payment, it is encouraged victims check the Stampado Ransomware Help & Support Topic to see if the free decryption tool available works to decrypt their files.
