'.braincrypt File Extension' Ransomware

By GoldSparrow in Ransomware

Threat Scorecard

Threat Level: 100 % (High)
Infected Computers: 36
First Seen: December 21, 2016
Last Seen: March 16, 2023
OS(es) Affected: Windows

The '.braincrypt File Extension' Ransomware is one of the first encryption Trojans written entirely in Google's Go programming language. Analysts note that the first crypto malware to use Google's Go programming language was Trojan.Encoder.6491, and many experts suspect that we might see a shift in how ransomware is written in the near future. Samples of the '.braincrypt File Extension' Ransomware show that the Trojan utilizes multi-core processing and the AES-256 encryption algorithm to facilitate its operations. As you may guess, the '.braincrypt File Extension' Ransomware is named after the suffix it appends to encrypted data. For example, 'Sabaton - Ghost Division.mp3' becomes 'Sabaton - Ghost Division.mp3.braincrypt' and you would be unable to play this great song.

Fake Bank Statements Deliver the '.braincrypt File Extension' Ransomware to Users

Spam emails loaded with corrupted documents that appear to come from trusted bank institutions carry an installer for the '.braincrypt File Extension' Ransomware. Computer users may be shown a banner that urges them to enable macros so that the file loads correctly. Security researchers warn that abusing the macro functionality of office suites is a standard tactic to install crypto malware on remote systems. Executables associated with the '.braincrypt File Extension' Ransomware can be found in the Temp directory on the system drive, and they are loaded into memory as soon as the ransomware is installed. The encryption engine inside the '.braincrypt File Extension' Ransomware is programmed to use a personalized AES-256 cipher to lock data. Windows Explorer uses a white icon to flag unknown file types, and objects with the '.braincrypt' suffix are shown that way. You may be presented with an alert that your data is corrupted soon after the '.braincrypt File Extension' Ransomware completes its work. The ransom demands are shown via Notepad, which loads '!!! HOW TO DECRYPT FILES !!!.txt'. The message in '!!! HOW TO DECRYPT FILES !!!.txt' reads:

'YOUR FILES WERE ENCRYPTED.
TO DECRYPT FILES, PLEASE, CONTACT US WRITING ON THIS EMAIL: headlessbuild@india.com
YOUR PERSONAL ID: [RANDOM CHARACTERS]'
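For incident triage, the two artifacts named above (the '.braincrypt' suffix and the '!!! HOW TO DECRYPT FILES !!!.txt' note) are enough to scope which folders were hit and which original file names to look for in backups. The following Python sketch is an added example, not code from the original write-up; the sample tree and the ID value are constructed, and the assumption that the personal ID is a single whitespace-free token is ours.

```python
import os
import re
import tempfile

ENCRYPTED_SUFFIX = ".braincrypt"                    # suffix named on this page
NOTE_NAME = "!!! HOW TO DECRYPT FILES !!!.txt"      # ransom note named on this page
# Assumption: the ID follows the label as one whitespace-free token.
ID_RE = re.compile(r"YOUR PERSONAL ID:\s*(\S+)", re.IGNORECASE)


def triage(root):
    """Walk root and inventory .braincrypt files, ransom notes and victim IDs."""
    report = {"encrypted": [], "notes": [], "ids": set(), "dirs": {}}
    for dirpath, _dirs, files in os.walk(root, onerror=lambda e: None):
        for name in files:
            path = os.path.join(dirpath, name)
            if name.lower().endswith(ENCRYPTED_SUFFIX):
                report["encrypted"].append(path)
                # Per-directory counts show where the damage is concentrated.
                report["dirs"][dirpath] = report["dirs"].get(dirpath, 0) + 1
            elif name.lower() == NOTE_NAME.lower():
                report["notes"].append(path)
                try:
                    with open(path, encoding="utf-8", errors="replace") as fh:
                        report["ids"].update(ID_RE.findall(fh.read()))
                except OSError:
                    pass  # unreadable note: keep the path, skip the ID
    return report


def original_name(path):
    """Name the file had before the suffix was appended (for matching backups)."""
    base = os.path.basename(path)
    return base[: -len(ENCRYPTED_SUFFIX)] if base.lower().endswith(ENCRYPTED_SUFFIX) else base


def demo():
    """Constructed sample tree; file names and the ID value are made up."""
    with tempfile.TemporaryDirectory() as root:
        music = os.path.join(root, "Music")
        os.makedirs(music)
        for n in ("song.mp3.braincrypt", "notes.DOCX.BRAINCRYPT", "clean.txt"):
            open(os.path.join(music, n), "wb").close()
        with open(os.path.join(music, NOTE_NAME), "w", encoding="utf-8") as fh:
            fh.write("YOUR FILES WERE ENCRYPTED.\nYOUR PERSONAL ID: SAMPLE-ID-0001\n")
        r = triage(root)
        return (len(r["encrypted"]), len(r["notes"]), sorted(r["ids"]),
                sorted(original_name(p) for p in r["encrypted"]))


if __name__ == "__main__":
    print(demo())
```

Run `triage()` against a mounted copy of the affected volume rather than the live system, and compare the recovered original names against the backup catalogue before restoring.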

Backups and Archives Should Be Used to Recover Data Affected by the '.Braincrypt File Extension' Ransomware

Unfortunately, decryption is impossible and backup images are your only hope to recover data. The '.braincrypt File Extension' Ransomware Trojan is designed to lock common data containers for images, audio, video, presentations, databases and eBooks. The '.braincrypt File Extension' Ransomware is as effective as the 'amagnus@india.com' Ransomware and the 'rescuers@india.com' Ransomware. It is in your best interest to be prepared for wide-scale attacks with variants of the '.braincrypt File Extension' Ransomware. ESG experts recommend installing a reliable backup tool that can transfer backups to removable storage and cloud services like Google Drive, Dropbox, and Microsoft's OneDrive. Fortunately, ransomware is unable to alter data stored on unmapped drives and removable storage that is disconnected from the computer. Windows users should not underestimate threats like the '.braincrypt File Extension' Ransomware and may wish to consider adding a trustworthy anti-malware tool to their security suite.