R Ransomware
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Threat Level: | 100 % (High) |
Infected Computers: | 397 |
First Seen: | April 3, 2017 |
Last Seen: | February 8, 2022 |
OS(es) Affected: | Windows |
The R Ransomware is a ransomware Trojan that was first observed in April 2017. Victims of the R Ransomware are asked to make a ransom payment through a Tor network portal, which uses a logo made up of the letter 'R.' There are various ways in which the R Ransomware can enter a computer, including corrupted email attachments or hacking into computers directly, taking advantage of weak security measures. The R Ransomware uses a combination of the AES and RSA encryptions to encrypt the victims' files, taking them hostage after making them inaccessible. The R Ransomware represents a real threat to computer users and their data, and they should act to protect themselves from these attacks.
Understanding Threats Like the R Ransomware
Threats like the R Ransomware are quite threatening since the files encrypted in these attacks become inaccessible completely. The R Ransomware is designed to encrypt the victims' files and targets numerous file types, including video files, music files, images, and various types of documents. The R Ransomware uses a combination of the AES-256 and RSA-2048 encryption to make the victim's files completely unrecoverable after the attack. The R Ransomware delivers a ransom note in a text file that is named 'Ransomware.txt,' which includes instructions on how to pay the R Ransomware ransom to recover the affected files. The R Ransomware's ransom note is dropped on the infected computer's desktop. Below is the full text of the R Ransomware ransom note:
'Encrypted files!
All your files are encrypted. Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files You should proceed with the following steps.
The only way to decrypt your files safely is to buy the Decrypt and Private Key software.
Any attempts to restore your files with the third-party software will be fatal for your files!
To proceed with the purchase, you must access one of the link below
h[tt]ps://rvneiqch7moech7j.onion.to/
h[tt]ps://rvneiqch7moech7j.onion.link/
If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser
If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:
[Instructions on how to install the TOR Browser]
Your Key: [RANDOM CHARACTERS]'
Dealing with the R Ransomware Infection
PC security researchers strongly advise computer users to ignore the instructions in the R Ransomware ransom note and refrain from paying this ransomware threat's ransom. According to the R Ransomware, victims are meant to pay a large ransom of 2 BitCoins (approximately $2300 USD) to recover from the attack. Apart from the fact that the con artists may ignore the payments and fail to help victims recover from the attacks, paying this large amount of money finances harmful activities and allows more variants of the R Ransomware to be produced and distributed. Instead, take precautionary measures.
Fortunately, computer users can nullify the R Ransomware attack completely by simply having backup copies of their data. Having backup copies of all files allows victims to recover quickly from a R Ransomware attack by simply deleting the encrypted files and restoring them from the backup. However, make sure that the backup copies are located on an external memory device that is not connected to the main computer, or on the cloud and not allowed to synchronize (because this would put the backups themselves at risk for becoming encrypted in the attack). Although the files encrypted by the R Ransomware cannot be recovered yet, the R Ransomware infection itself can be removed with the help of a reliable security program that is fully up-to-date.
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.