Bitcoin666 Ransomware

The Bitcoin666 Ransomware Trojan is an encryption ransomware Trojan designed to take victims' files hostage to justify the demand of a ransom payment from the victim. The Bitcoin666 Ransomware Trojan was first released in April 2019 and carry out a typical version of these kinds of attacks. It is fundamental to take preventive measures to mitigate the effects of the Bitcoin666 Ransomware and similar encryption ransomware Trojans.

Why You Should Avoid a Bitcoin666 Ransomware Infection

Most encryption ransomware Trojans use a strong encryption algorithm to make the victim's files inaccessible. Typically, these threats avoid system files and instead target the user-generated files, which may include a wide variety of files types such as the files with the following file extensions:

.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr , .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby , .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, , .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.

The files encrypted by the Bitcoin666 Ransomware attack are easy to recognize because the Bitcoin666 Ransomware adds the file extension '.bitcoin666' to each compromised file. After encrypting the victim's files, the Bitcoin666 Ransomware demands a ransom payment of 0.3 Bitcoin to restore the affected data. This demand is contained in a text file named 'Recover Files.TXT' that contains the following message:

'PC id: ***
ATTENTION!!! All your files are encrypted.
If you want to get your files back, you should pay me 0.3 BTC on the following address:
1CxCZjb5PVW1vLJHaoaY7RSDt7niyXrFc8
You have only 24 hours since you received that e-mail, after that price will be 0.4BTC.
To prove that we can bring back your files, attach a file between 1~5mb to be decoded.
After recieving your payment I'll send you a simple program and encryption key for it.
NoterTrying to recover your files with another program may result in a fatal loss of all your files. Only the original decoder and key can bring all your files back.
You can buy bitcoins here: https://localbitcoins.com
Here's a FAQ how to buy and send bitcoins (any language):https://localbitcoins.com/faq
(P.S. NO EXCEPTIONS WILL BE MADE. EVERYONE HAVE TO PAY.)
Write us: bitcoin666@cock.li or ap0calypse@india.com.'

Dealing with a Bitcoin666 Ransomware Infection

It is crucial to avoid following the instructions in the Bitcoin666 Ransomware ransom note. However, the files encrypted by the Bitcoin666 Ransomware attack cannot be restored without the decryption key. Because of this, it is paramount to have file backups stored on independent devices. Having the ability to recover files encrypted by the Bitcoin666 Ransomware attack through a backup copy is the best way to remove criminals' leverage, making the Bitcoin666 Ransomware attack much less effective. Apart from file backups, computer users should use a reliable security program that is fully up-to-date.