‘.invaded File Extension’ Ransomware
The '.invaded File Extension' Ransomware is an encryption ransomware Trojan that seems to belong to the same family as the Jigsaw Ransomware Trojan. The '.invaded File Extension' Ransomware is distributed through corrupted spam email attachments mainly, often taking the form of corrupted Microsoft Word files that contain embedded macro scripts that download and install the '.invaded File Extension' Ransomware onto the victim's computer. The '.invaded File Extension' Ransomware is distributed via email messages that will use social engineering techniques to trick victims into opening the attached file.
How the '.invaded File Extension' Ransomware Does What Its Name Promises
The '.invaded File Extension' Ransomware uses the AES encryption to make the victim's files inaccessible. This is what let the '.invaded File Extension' Ransomware take the victim's files hostage. The '.invaded File Extension' Ransomware adds the file extension '.invaded' to each file encrypted by the attack. The '.invaded File Extension' Ransomware searches for the user-generated files while avoiding the Windows system files. Ransomware threats like the '.invaded File Extension' Ransomware will target in these attacks the files listed below:
.ebd, .jbc, .pst, .ost, .tib, .tbk, .bak, .bac, .abk, .as4, .asd, .ashbak, .backup, .bck, .bdb, .bk1, .bkc, .bkf, .bkp, .boe, .bpa, .bpd, .bup, .cmb, .fbf, .fbw, .fh, .ful, .gho, .ipd, .nb7, .nba, .nbd, .nbf, .nbi, .nbu, .nco, .oeb, .old, .qic, .sn1, .sn2, .sna, .spi, .stg, .uci, .win, .xbk, .iso, .htm, .html, .mht, .p7, .p7c, .pem, .sgn, .sec, .cer, .csr, .djvu, .der, .stl, .crt, .p7b, .pfx, .fb, .fb2, .tif, .tiff, .pdf, .doc, .docx, .docm, .rtf, .xls, .xlsx, .xlsm, .ppt, .pptx, .ppsx, .txt, .cdr, .jpe, .jpg, .jpeg, .png, .bmp, .jiff, .jpf, .ply, .pov, .raw, .cf, .cfn, .tbn, .xcf, .xof, .key, .eml, .tbb, .dwf, .egg, .fc2, .fcz, .fg, .fp3, .pab, .oab, .psd, .psb, .pcx, .dwg, .dws, .dxe, .zip, .zipx, .7z, .rar, .rev, .afp, .bfa, .bpk, .bsk, .enc, .rzk, .rzx, .sef, .shy, .snk, .accdb, .ldf, .accdc, .adp, .dbc, .dbx, .dbf, .dbt, .dxl, .edb, .eql, .mdb, .mxl, .mdf, .sql, .sqlite, .sqlite3, .sqlitedb, .kdb, .kdbx, .1cd, .dt, .erf, .lgp, .md, .epf, .efb, .eis, .efn, .emd, .emr, .end, .eog, .erb, .ebn, .ebb, .prefab, .jif, .wor, .csv, .msg, .msf, .kwm, .pwm, .ai, .eps, .abd, .repx, .oxps, .dot.
The '.invaded File Extension' Ransomware will deliver its ransom note in the form of a command line window containing the following text:
'Ok! you are dumb enough to open this obvious ransomware soon um just read:
find out the encryption password which is pretty easy i'm not gonna lie. either you find the encpass or you get something to decrypt your files.
But, don't worry! only one file will be deleted after an hour AND if ur really stuck i may help you out 🙂
just start now. don't waste your time. meanwhile i'm gonna type some random stuff because i can. cmon HURRY NOW 🙂
blablablablablablablablablablablablablablablablablablablabla
OH AND FOR THE LOVE OF GOD DON'T EXIT THIS PROGRAM. YOU'LL LOSE 1000 FILES according to this shitty code. or.. i may remove that function...
Cough Cough. Jigsaw Decryptor Cough Cough.'
Protecting Your Data from Threats Like the '.invaded File Extension' Ransomware
Unfortunately, if the '.invaded File Extension' Ransomware targets a file, it cannot be recovered without the decryption key, which the criminals responsible for the '.invaded File Extension' Ransomware hold in their possession. This is why security experts are so emphatic when they counsel computer users to have backup copies of their data, which should be stored on independent devices. Having file backups ensures that computer users can restore their files without having to interact with the criminals or attempting to recover the files through alternate means. Apart from file backups, they should use anti-malware programs to intercept threats like the '.invaded File Extension' Ransomware. A reliable anti-spam filter also can help computer users to stop these threats before they are installed onto their computers.
