Project34 Ransomware

Project34 Ransomware Description

The Project34 Ransomware is a ransomware Trojan. Like other encryption ransomware infections, the Project34 Ransomware is designed to make the victims' files inaccessible. To do this, the Project34 Ransomware encrypts them using a strong encryption algorithm. Then, the victim is asked to pay a large ransom to recover the affected files.

By Opening E-Mail Attachments PC Users may Get the Project34 Ransomware

PC security researchers first received reports of the Project34 Ransomware infections on March 13, 2017. The Project34 Ransomware is designed to attack computers using the Windows operating system. The Project34 Ransomware attacks seem to be centered in Asia, particularly in Central Asia and Russian-speaking countries. The countries where the Project34 Ransomware attacks have been reported include Russia, Kazakhstan, Ukraine, Iran, Uzbekistan, Kyrgyzstan and Azerbaijan. The Project34 Ransomware may be delivered through spam email attachments claiming to include a bill in their attachments. The Project34 Ransomware distribution also may leverage social media websites such as Vkontakte and Onoklassniki in its attack. Computer users should refrain from opening unsolicited email attachments and block the automatic execution of scripts on their software to prevent the Project34 Ransomware and similar threats from being installed.

How the Project34 Ransomware Attack is Carried Out

The Project34 Ransomware receives its name because the email address project34@india.com is used to carry out payments and communications with victims. The Project34 Ransomware targets a wide variety of file types in its attack, encrypting them by using a strong encryption algorithm. The Project34 Ransomware will encrypt files such as images, media files, and documents created by a variety of applications. The Project34 Ransomware may be associated with an executable file named WindowsUpdate.exe and during its attack it will drop a file named ПАРОЛЬ.txt (PASSWORD.txt) on the infected computer's desktop. The Project34 Ransomware uses a strong encryption method and encrypts its communications with its Command and Control servers. The files that become compromised during the Project34 Ransomware attack will have their names altered, with the Project34 Ransomware's associated email address appended to each affected file's name as a prefix. Once the Project34 Ransomware encrypts a file, it will no longer be readable without the decryption key. The text file dropped by the Project34 Ransomware contains the following text (originally in Russian, translated here into English):

'YOUR FILES ARE PLACED UNDER A PASSWORD
TO GET THE PASSWORD
WRITE US ON project34@india.com
WE WILL RESPOND TO YOU WITHIN 20 HOURS
IN A MESSAGE, SPECIFY YOUR IP ADDRESS
IT IS POSSIBLE TO FIND IT VIA 2IP.RU'

Dealing with the Project34 Ransomware Infection

The Project34 Ransomware uses a strong encryption algorithm that has been associated with other threats, such as Locky. Unfortunately, this means that the files encrypted with the Project34 Ransomware cannot be deciphered without the decryption key that is generated during the attack (which the con artists hold in their possession). It is likely that the Project34 Ransomware is associated with the RozaLocker and another family of ransomware Trojans that target computer users in that region. The Project34 Ransomware may ask for a ransom payment of 35,650 Rubles (600 USD/564 EUR) if it follows the same approach as similar threats being used in associated attacks. PC security researchers strongly advise computer users to refrain from paying the Project34 Ransomware ransom. In most cases, the people responsible for the attack will not keep their word and deliver the decryption key; instead, they will keep the ransom payment for themselves or even ask for more money from the victim. Apart from this, paying the Project34 Ransomware ransom allows the people responsible for the attack to continue creating these threats and infecting new computers. Instead of paying the Project34 Ransomware ransom, ensure that your computer is protected against these attacks adequately. The best protection against the Project34 Ransomware and similar infections requires having backup copies of all files.

Infected with Project34 Ransomware? Scan Your PC for Free

Download SpyHunter’s Spyware Scanner
to Detect Project34 Ransomware
* SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware removal tool to remove the malware threats. Read more on SpyHunter. If you no longer wish to have SpyHunter installed on your computer, follow these steps to uninstall SpyHunter.

Security Doesn't Let You Download SpyHunter or Access the Internet?


Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
  • Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
  • Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
  • Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
  • IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.

If you still can't install SpyHunter? View other possible causes of installation issues.

Site Disclaimer

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.

IMPORTANT! To be able to proceed, you need to solve the following simple math.
Please leave these two fields as is:
What is 13 + 8 ?