Ransomware Tracker (Entry #214): GhosHacker

GhosHacker is a NoCry-derived crypto-ransomware that changes the victim's wallpaper, displays a ransom modal, and encrypts files with AES appending the .red extension; actors demand $75 in Bitcoin and threaten deletion or increased extortion if unpaid. The variant is closely related to BlackSkull, Anonymous, and AzzaSec and appears to be part of a series of similar/test builds with limited public technical detail.