Hawkeye Ransomware

Hawkeye Ransomware Overview
The HawkEye ransomware is a malware threat that is under an active investigation. The identified samples contain several advanced features:
 * Remote Command Execution – The virus allows the infected machines to listen to remote commands and execute arbitrary commands given by the remote criminals.


 * Keylogger – The code is able to to monitor the system clipboard and record all keystrokes.


 * Account Harvesting – The virus can scan for any account login screens and take the account data.


 * System Information Gathering – The HawkEye ransomware extracts information from the infected devices that is attributed to details about the Android operating system and its hardware.

Hawkeye Ransomware Distribution
The Hawkeye ransomware is primarily distributed mainly via infected binary files. They pose as legitimate applications made by Acer.

We suspect that email phishing campaigns are the primary source of infection. Botnet networks are often employed as sources of the infections.

Other methods include spreading of files via download sites or P2P networks.

Hawkeye Ransomware Removal
In-depth removal instructions and detailed technical information about the virus can be found on Best Security Search.