GoldenEye malware – the “new ransomware” security threat!


Malware and ransomware have been on a sharp rise in recent years, with security researchers saying that cyberthieves are adopting them in “alarming” numbers.

These types of cyber-attack are usually money-driven.

Malware is software that’s installed covertly on a user’s computer and disrupts the system to allow the cyber-hacker unauthorised access to it.

There’s a ‘new’ malware on the horizon… and it’s not from an unknown territory.

The Petya and Mischa ransomware combo works together to encrypt user data, and the two have joined forces to create a new malware called GoldenEye. The GoldenEye ransomware is commonly mistaken for a new type of ransomware when, in actual fact, many experts believe that it’s a rebranding of the Petya and Mischa malware.

How does the GoldenEye malware work?

As of 6th December, computer users reported malicious attacks, and after these were brought to the attention of security experts, the GoldenEye ransomware was identified as almost identical to Petya and Mischa.

The GoldenEye ransomware is spread through spam emails, and seems to be targeting only German-speaking users at this point. The spam emails are sent by individuals pretending to express their interest in a position at the company, and contain two file attachments. The first is a CV that is used to convince the recruiter that the email is what it purports to be and is legitimate. The second is the killer: an Excel spreadsheet. The spreadsheet is the main installer for the GoldenEye malware and contains malicious software that installs the malware.

It isn’t installed automatically; the user has to click on the Enable Content button. Once the software is downloaded, it can automatically launch the programme and begin the encryption process. By this point, there is little the user can do to save their information and data. When the ‘encryption operation’ has ended, the ransomware will show the following note: “YOUR_FILES_ARE_ENCRYPTED.TXT”. Once information is encrypted, the user can only retrieve their data on payment.

This is where ransomware comes in. The cyber-hackers will only restore the users’ system back to its original form once a sum of money is paid.

How to recover your files

Users who want to recover their files can’t do so without a “personal decryption code”, which can only be purchased on the darknet. The GoldenEye malware asks for around £800 (which is usually paid in Bitcoins, a digital currency).

If you have been affected by the GoldenEye malware you can find step-by-step instructions online by searching for “goldeneye malware instructions”.


Because of the clever nature of the emails, some may not question their legitimacy. Even the most cautious of us will have opened an email or an attachment which thankfully didn’t lead to malware, but in retrospect maybe wondered what made us trust the email. Unfortunately, this is how malware and ransomware work: they gain trust through deception.

How to keep protected

The best way to keep yourself protected from a malware attack is to download and install an anti-malware tool, which provides a solution for your computer and checks for any malicious software. The scan will provide a list of items that may harm your computer system. With ransomware, it gets trickier, as the email usually looks legitimate. My advice is to boost your anti-spam settings; this’ll filter out any potentially harmful messages.

Of course, these small tips aren’t a complete solution, but they’ll most certainly enhance the security of your system.
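
For the delivery method described under “How does the GoldenEye malware work?”, a mail filter can go further than spam scoring and flag any attachment able to trigger the Enable Content prompt. The script below is an added example, not part of the original article or any vendor's tool; the sample email and the file names in it are constructed, and treating every legacy-format Office file as macro-capable is an assumed, deliberately cautious policy.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # legacy .xls/.doc container

def has_active_content(data: bytes) -> bool:
    """True for a legacy OLE2 Office file (assumed macro-capable) or a
    zip-based Office file that ships a vbaProject.bin macro part."""
    if data.startswith(OLE2_MAGIC):
        return True
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return any(n.lower().endswith("vbaproject.bin") for n in zf.namelist())
    except zipfile.BadZipFile:
        return False  # not a zip at all, e.g. a PDF CV

def risky_attachments(raw_email: bytes) -> list:
    """Names of attachments to quarantine; judged on content, not extension."""
    msg = message_from_bytes(raw_email, policy=policy.default)
    return [part.get_filename() or "(unnamed)"
            for part in msg.iter_attachments()
            if has_active_content(part.get_payload(decode=True) or b"")]

def make_zip(names) -> bytes:
    """Constructed stand-in for an Office zip container with the given parts."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for n in names:
            zf.writestr(n, b"placeholder")
    return buf.getvalue()

def build_sample(sheet: bytes, name: str = "application.xls") -> bytes:
    """Constructed job-application email: a CV plus a spreadsheet."""
    msg = EmailMessage()
    msg["Subject"] = "Bewerbung"
    msg["From"] = "applicant@example.com"
    msg["To"] = "hr@example.com"
    msg.set_content("Please find my application attached.")
    msg.add_attachment(b"%PDF-1.4 constructed CV", maintype="application",
                       subtype="pdf", filename="cv.pdf")
    msg.add_attachment(sheet, maintype="application",
                       subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    macro_sheet = make_zip(["[Content_Types].xml", "xl/vbaProject.bin"])
    print(risky_attachments(build_sample(macro_sheet)))
```

Flagged messages are best quarantined for review rather than deleted, since genuine applicants occasionally send legacy-format files.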

Contact is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'