
Batman_good@aol.com Ransomware

By CagedTech in Ransomware

The 'Batman_good@aol.com' Ransomware has been associated with various other Crysis variants. Crysis is a ransomware Trojan family that was first observed in March of 2016 and spawned numerous variants in the Summer of 2016. This latest batch of variants associated with Crysis, which includes the 'Batman_good@aol.com' Ransomware, seems to use email addresses and themes related to comics and video games. Apart from 'Batman_good@aol.com' itself, the following are some of the email addresses that have been linked to the 'Batman_good@aol.com' Ransomware attacks:

  • Tactics Fallout
  • diablo_diablo2
  • legioner_seven
  • donald_dak
  • seven_legion
  • last_centurion

There is no truth to the email messages related to the 'Batman_good@aol.com' Ransomware or to their threats. The ransomware attack carried out by the 'Batman_good@aol.com' Ransomware and its variants, however, is quite sophisticated and difficult to deal with. PC security analysts recommend that computer users take appropriate security and backup measures to ensure that their computers are protected from the 'Batman_good@aol.com' Ransomware and other Crysis variants.

Crysis Attacks in Summer of 2016

A large volume of ransomware attacks related to the Crysis family of ransomware Trojans is taking place during the Summer of 2016. The first wave of attacks related to this threat family used @india.com email addresses, followed by email addresses from the AOL domain. The following are some examples of email addresses related to Trojan attacks from this family that took place earlier in the Summer:

  • Eco_vector@india.com
  • sub_zero12@aol.com
  • gerkaman@aol.com
  • freetibet@india.com
  • Cyber_baba2@aol.com
  • siddhiup2@india.com
  • gruzinrussian@aol.com
  • ramachandra7@india.com
  • goldman0@india.com
  • centurion_legion@aol.com
  • dalailama2015@pro
  • a_princ@aol.com
  • TREE_OF_LIFE@INDIA.COM
  • redshitline@india.com
  • milarepa.lotos@aol.com
  • Ecovector3@aol.com
  • Eco_vector@aol.com

The attack is not complicated to understand and follows an approach that has been observed over and over again in other ransomware Trojan attacks:

  1. The 'Batman_good@aol.com' Ransomware may enter a computer through covert means.
  2. The 'Batman_good@aol.com' Ransomware encrypts the victim's files, changing their extensions and making them inaccessible without the decryption key (essentially taking them hostage).
  3. The 'Batman_good@aol.com' Ransomware will then deliver a ransom note that instructs the victim to contact the 'Batman_good@aol.com' Ransomware email address to recover from the attack.

Some of the file formats that are targeted by the 'Batman_good@aol.com' Ransomware and its variants include:

.odc, .odm, .odp, .ods, .odt, .docm, .docx, .doc, .odb, .mp4, sql, .7z, .m4a, .rar, .wma, .gdb, .tax, .pkpass, .bc6, .bc7, .avi, .wmv, .csv, .d3dbsp, .zip, .sie, .sum, .ibank, .t13, .t12, .qdf, .bkp, .qic, .bkf, .sidn, .sidd, .mddata, .itl, .itdb, .icxs, .hvpl, .hplg, .hkdb, .mdbackup, .syncdb, .gho, .cas, .svg, .map, .wmo, .itm, .sb, .fos, .mov, .vdf, .ztmp, .sis, .sid, .ncf, .menu, .layout, .dmp, .blob, .esm, .vcf, .vtf, .dazip, .fpk, .mlx, .kf, .iwd, .vpk, .tor, .psk, .rim, .w3x, .fsh, .ntl, .arch00, .lvl, .snx, .cfr, .ff, .vpp_pc, .lrf, .m2, .mcmeta, .vfs0, .mpqge, .kdb, .db0, .dba, .rofl, .hkx, .bar, .upk, .das, .iwi, .litemod, .asset, .forge, .ltx, .bsa, .apk, .re4, .sav, .lbf, .slm, .bik, .epk, .rgss3a, .pak, .big, wallet, .wotreplay, .xxx, .desc, .py, .m3u, .flv, .js, .css, .rb, .png, .jpeg, .txt, .p7c, .p7b, .p12, .pfx, .pem, .crt, .cer, .der, .x3f, .srw, .pef, .ptx, .r3d, .rw2, .rwl, .raw, .raf, .orf, .nrw, .mrwref, .mef, .erf, .kdc, .dcr, .cr2, .crw, .bay, .sr2, .srf, .arw, .3fr, .dng, .jpe, .jpg, .cdr, .indd, .ai, .eps, .pdf, .pdd, .psd, .dbf, .mdf, .wb2, .rtf, .wpd, .dxg, .xf, .dwg, .pst, .accdb, .mdb, .pptm, .pptx, .ppt, .xlk, .xlsb, .xlsm, .xlsx, .xls, .wps.

The 'Batman_good@aol.com' Ransomware delivers its ransom note in the form of text and HTML files dropped in the directories containing the encrypted files, as well as by changing the victim's Desktop wallpaper picture. The instructions on the ransom notes are simple: victims are instructed to contact the 'Batman_good@aol.com' Ransomware email address for information on how to recover the files. After making contact, victims of the 'Batman_good@aol.com' Ransomware are instructed to pay the ransom using TOR and anonymous payment methods. Computer users are counseled against paying the 'Batman_good@aol.com' Ransomware ransom, despite the fact that there is currently no decryption utility available.
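
Because the notes are dropped in every directory that holds encrypted files, they can be used during incident response to scope which directories were hit. The following is an added example, not code from the original page or from any vendor tool: it walks a directory tree, reads small text and HTML files, and reports the directories whose notes mention a contact address listed on this page. The function names, the 256 KiB size cap, the NUL stripping for UTF-16 notes, and matching the domain-less names on any domain are assumptions of the example.

```python
import re
from pathlib import Path

# Full contact addresses listed on this page, lower-cased. The truncated
# entry "dalailama2015@pro" is omitted because its domain is not given.
KNOWN_CONTACTS = frozenset("""
batman_good@aol.com eco_vector@india.com sub_zero12@aol.com gerkaman@aol.com
freetibet@india.com cyber_baba2@aol.com siddhiup2@india.com
gruzinrussian@aol.com ramachandra7@india.com goldman0@india.com
centurion_legion@aol.com a_princ@aol.com tree_of_life@india.com
redshitline@india.com milarepa.lotos@aol.com ecovector3@aol.com
eco_vector@aol.com
""".split())
# Names the page lists without a domain; matching them on any domain is an
# assumption of this example.
KNOWN_LOCAL_PARTS = frozenset(
    "diablo_diablo2 legioner_seven donald_dak seven_legion last_centurion".split())
NOTE_SUFFIXES = {".txt", ".html", ".htm"}  # page: notes are text and HTML files
MAX_NOTE_BYTES = 256 * 1024                # assumed cap; ransom notes are small
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")
# Constructed sample note text, not taken from a real incident.
SAMPLE_NOTE = "Your files are locked. Write to Batman_good@aol.com for help."

def contacts_in(text):
    """Return the known contact addresses (lower-cased) mentioned in text."""
    hits = set()
    for addr in EMAIL_RE.findall(text):
        addr = addr.lower()
        if addr in KNOWN_CONTACTS or addr.split("@")[0] in KNOWN_LOCAL_PARTS:
            hits.add(addr)
    return hits

def find_ransom_notes(root):
    """Map each directory under root to the contact addresses in its notes."""
    affected = {}
    for path in Path(root).rglob("*"):
        try:
            if (path.suffix.lower() not in NOTE_SUFFIXES or not path.is_file()
                    or path.stat().st_size > MAX_NOTE_BYTES):
                continue
            raw = path.read_bytes().replace(b"\x00", b"")  # so UTF-16 notes match
        except OSError:
            continue  # unreadable or vanished file: skip and keep scanning
        hits = contacts_in(raw.decode("utf-8", errors="replace"))
        if hits:
            affected.setdefault(str(path.parent), set()).update(hits)
    return affected
if __name__ == "__main__":
    print(sorted(contacts_in(SAMPLE_NOTE)))
```

Run `find_ransom_notes` against a read-only mount or forensic copy of the affected volume so the scan does not alter file timestamps on the original evidence.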
