Cancer is a ransomware that does not act like a typical encryption malware .


It does not use any strong encryption algorithm to encrypt targeted files. What is more, malware does not demand to pay the ransom for data recovery. Cancer malware also resembles a lockscreen ransomware.


After infiltration, it starts running various processes and delivers unknown errors warning about system-related problems. These alerts might be impossible to close, or they may lock the computer’s screen. Surprisingly, malware does not leave any ransom note with instructions how the user should treat this cyber infection. It only drops an ewwwwww ~ cancer.png file, which becomes a new background picture that includes unpleasant words “I have cancer.”

Cancer ransomware aims at Microsoft Office and OpenOffice documents, PDF and text files, various formats of images, audio or video files, archives, databases, and many other mostly used files. In this way, it makes the attack even worse because users are scared of losing their files. During this fake file-encryption process, malware appends a .cancer file extension to each affected file.

After infiltration Cancer virus also renames C: drive to “CANCERRRRRRRRRRRRRRRRRRRRRRRRR.” The reason why it behaves in this way it’s unknown.

Community content is available under CC-BY-SA unless otherwise noted.