HackdoorCrypt3r Ransomware

The HackdoorCrypt3r Ransomware is a file-locker whose authors appear to have been inspired by the STOP Ransomware – while their threat is not a variant of the infamous file-encryption Trojan, it uses the ransom note layout that is used by all of the variants of the STOP Ransomware. Unfortunately, the HackdoorCrypt3r Ransomware appears to be incompatible with free decryption options at the moment, and its victims may not be able to get their files back easily – the only guaranteed way to complete this task is to restore the original files from an up-to-date and unharmed backup.

Threats like the HackdoorCrypt3r Ransomware may be spread via various means – pirated software, fraudulent emails, and bogus downloads are just some of the popular tricks that cybercriminals may use to propagate their threatening application. Our advice to the readers is to avoid shady download locations and suspicious files, as well as to make use of a reputable anti-virus product that will keep their systems protected from the HackdoorCrypt3r Ransomware and similar threats.

The Indecryptable HackdoorCrypt3r Ransomware Spreads via Fake Downloads and Pirated Content

If the HackdoorCrypt3r Ransomware is not stopped on time, the threatening application may encrypt the contents of various documents, images, archives, videos and other files. Whenever it encrypts a file, the threat will mark its name by adding the '.hackdoor' extension to its name. Another change that the threat brings is the creation of the file '!how_to_unlock_your_file.txt.' This ransom demand can be found on the desktop, and, as mentioned above, it is an almost exact copy of the ransom message that the STOP Ransomware uses. The notable difference is the email address used for contact – the perpetrators have added decryptfs@protonmail.com as the only way to get in touch with them. Apart from this, they state that the ransom fee is $490 for the first 72 hours, and it will be doubled to $980 after this. They want to receive the money via a Bitcoin transaction, and state that they are ready to decrypt 1-2 files for free if their victims want to see proof that the decryption of their files is possible.

Cooperating with cybercriminals is unlikely to end well for you – they want to be paid a hefty amount of money, and it would not be a surprise if the anonymous crooks try to trick you. The advice is not to take unnecessary risks by paying the ransom fee. Instead, use a legitimate anti-virus product to clean the infected files off of your computer, and then try to undo the damage done to your files with popular data recovery utilities.