‘Bitcoinpay@india.com’ Ransomware

‘Bitcoinpay@india.com’ Ransomware Description

The 'Bitcoinpay@india.com' Ransomware is a ransomware Trojan that carries out a typical ransomware attack on its victims. The 'Bitcoinpay@india.com' Ransomware encrypts victims' files and then demands the payment of a ransom in exchange for the decryption key. Computer users are advised to take precautions, as ransomware threats like the 'Bitcoinpay@india.com' Ransomware have seen increased activity in 2016 and are likely to continue to be a major threat in the coming year.

The 'Bitcoinpay@india.com' Ransomware Attack

The 'Bitcoinpay@india.com' Ransomware is one of the countless variants in the Crysis family of ransomware. The 'Bitcoinpay@india.com' Ransomware receives this name because the extortionists to communicate with victims of the attack use the ‘Bitcoinpay@india.com’ email address. There are very few differences between the 'Bitcoinpay@india.com' Ransomware and other variants of Crysis. The 'Bitcoinpay@india.com' Ransomware uses obfuscation techniques that make it difficult for PC security researchers to study this and other Crysis variants. The 'Bitcoinpay@india.com' Ransomware variant, in particular, seems to target servers over individuals' computer systems.

Limiting Server Exposure to the 'Bitcoinpay@india.com' Ransomware Attacks

The 'Bitcoinpay@india.com' Ransomware attack is fairly typical of these infections. It is highly likely that the 'Bitcoinpay@india.com' Ransomware is part of a RaaS (Ransomware as a Service) scheme, where con artists pay other con artists to make custom versions of these ransomware threats for distribution. This accounts for a large amount of variants of these threats that tend to exist.

The 'Bitcoinpay@india.com' Ransomware uses combined AES and RSA encryption algorithms to encrypt the victims' data, making the files inaccessible. The 'Bitcoinpay@india.com' Ransomware will encrypt all local drives, as well as shared drives and external memory devices. The 'Bitcoinpay@india.com' Ransomware identifies the files encrypted during the attack by renaming them following the scheme 'filename.id-[8 random characters].bitcoinpay@india.com.xtbl.' According to reports received by our malware analysts, the 'Bitcoinpay@india.com' Ransomware will target the following file types in its attack:

.PNG, .PSD, .PSPIMAGE, .TGA, .THM, .TIF, .TIFF, .YUV, .AI, .EPS, .PS, .SVG, .INDD, .PCT, .PDF, .XLR, .XLS, .XLSX, .ACCDB, .DB, .DBF, .MDB, .PDB, .SQL, .APK, .APP, .BAT, .CGI, .COM, .EXE, .GADGET, .JAR, .PIF, .WSF, .DEM, .GAM, .NES, .ROM, .SAV, .DWG, .DXF, .GPX, .KML, .KMZ, .ASP, .ASPX, .CER, .CFM, .CSR, .CSS, .HTM, .HTML, .JS, .JSP, .PHP, .RSS, .XHTML, .DOC, .DOCX, .LOG, .MSG, .ODT, .PAGES, .RTF, .TEX, .TXT, .WPD, .WPS, .CSV, .DAT, .GED, .KEY, .KEYCHAIN, .PPS, .PPT, .PPTX, .INI, .PRF, .HQX, .MIM, .UUE, .7Z, .CBR, .DEB, .GZ, .PKG, .RAR, .RPM, .SITX, .TAR.GZ, .ZIP, .ZIPX, .BIN, .CUE, .DMG, .ISO, .MDF, .TOAST, .VCD, .SDF, .TAR, .TAX2014, .TAX2015, .VCF, .XML, .AIF, .IFF, .M3U, .M4A, .MID, .MP3, .MPA, .WAV, .WMA, .3G2, .3GP, .ASF, .AVI, .FLV, .M4V, .MOV, .MP4, .MPG, .RM, .SRT, .SWF, .VOB, .WMV, .3D, .3DM, .3DS, .MAX, .OBJ, R.BMP, .DDS, .GIF, .JPG,.CRX, .PLUGIN, .FNT, .FON, .OTF, .TTF, .CAB, .CPL, .CUR, .DESKTHEMEPACK, .DLL, .DMP, .DRV, .ICNS, .ICO, .LNK, .SYS, .CFG.

There are several measures server administrators can take to limit their exposure to the 'Bitcoinpay@india.com' Ransomware and similar attacks:

  1. Ensure that servers are protected from attacks adequately, using strong passwords and enabling all appropriate security protocols. PC security analysts also strongly advise that appropriate firewalls and security programs are installed to intercept the 'Bitcoinpay@india.com' Ransomware before it begins its attack.
  2. The 'Bitcoinpay@india.com' Ransomware tends to spread through corrupted email attachments and links. Because of this, it is important that all employees at a company be educated on how to handle emails and email attachments safely, especially when dealing with spam emails and unsolicited email attachments.
  3. The best protection against the 'Bitcoinpay@india.com' Ransomware and other ransomware Trojans is to have good backup procedures in place. If there are backups of all vulnerable data, then server administrators can recover from a 'Bitcoinpay@india.com' Ransomware attack quickly by restoring the data from the backup, rather than paying the extraordinarily elevated ransom that the 'Bitcoinpay@india.com' Ransomware demands (4 BitCoin, approximately $2800 USD!). In fact, once having backups becomes a common practice, which is not unlikely considering the decreasing prices of memory devices and cloud storage, ransomware threats like the 'Bitcoinpay@india.com' Ransomware will become obsolete.

Infected with ‘Bitcoinpay@india.com’ Ransomware? Scan Your PC for Free

Download SpyHunter’s Spyware Scanner
to Detect ‘Bitcoinpay@india.com’ Ransomware
* SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware removal tool to remove the malware threats. Read more on SpyHunter. If you no longer wish to have SpyHunter installed on your computer, follow these steps to uninstall SpyHunter.

Security Doesn't Let You Download SpyHunter or Access the Internet?


Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
  • Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
  • Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
  • Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
  • IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.

If you still can't install SpyHunter? View other possible causes of installation issues.

Site Disclaimer

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.

IMPORTANT! To be able to proceed, you need to solve the following simple math.
Please leave these two fields as is:
What is 14 + 14 ?