Ransomware Tracker (Entry #213): BlackSkull

BlackSkull is a low-impact, likely test ransomware built from the NoCry/WannaCry builder and related to GhosHacker, Anonymous, and possibly early AzzaSec. Only one sample has been observed; it changes the desktop wallpaper, drops two ransom notes (HTML and a process-driven message), appends the .BlackSkull extension to files encrypted with AES, and demands $200—overall assessed as having minimal threat due to limited sightings and likely test status.