'Supportfriend@india.com' Ransomware

By GoldSparrow in Ransomware

The 'Supportfriend@india.com' Ransomware is another CrySIS-powered cryptomalware that is known to be used in attacks on application servers, FTP servers, mail servers, WordPress sites, and database servers alike. The 'Supportfriend@india.com' Ransomware is built as a new variant of the Crysis Ransomware that is supposed to avoid detection and connect cryptomalware operators with their victims via the email 'Supportfriend@india.com'. Researchers note that the ransomware developers associated with the Crysis Ransomware are known to use a plethora of email accounts to facilitate their operations, since cybercrime agencies around the world are dedicated to blocking their accounts as soon as they are flagged. Server administrators who receive spam about new friends on Facebook and Twitter, or about available updates to their server platform, should ignore it. It is more than likely that such spam mail in your inbox is loaded with cryptomalware like the 'Supportfriend@india.com' Ransomware.

The 'Supportfriend@india.com' Ransomware made its appearance in late August 2016 and is distributed to server machines via corrupted WordPress plug-ins, spam mail, compromised Web panels and remote desktop connections. Researchers report that the 'Supportfriend@india.com' Ransomware uses the AES-128 cipher to encode data and appends the id.[thirteen random characters].'Supportfriend@india.com'.xtbl suffix to affected objects. The 'Supportfriend@india.com' Ransomware is known to target the following file types:

.PNG, .PSD, .PSPIMAGE, .TGA, .THM, .TIF, .TIFF, .YUV, .AI, .EPS, .PS, .SVG, .INDD, .PCT, .PDF, .XLR, .XLS, .XLSX, .ACCDB, .DB, .DBF, .MDB, .PDB, .SQL, .APK, .APP, .BAT, .CGI, .COM, .EXE, .GADGET, .JAR, .PIF, .WSF, .DEM, .GAM, .NES, .ROM, .SAV, .DWG, .DXF, .GPX, .KML, .KMZ, .ASP, .ASPX, .CER, .CFM, .CSR, .CSS, .HTM, .HTML, .JS, .JSP, .PHP, .RSS, .XHTML, .DOC, .DOCX, .LOG, .MSG, .ODT, .PAGES, .RTF, .TEX, .TXT, .WPD, .WPS, .CSV, .DAT, .GED, .KEY, .KEYCHAIN, .PPS, .PPT, .PPTX, .INI, .PRF, .HQX, .MIM, .UUE, .7Z, .CBR, .DEB, .GZ, .PKG, .RAR, .RPM, .SITX, .TAR.GZ, .ZIP, .ZIPX, .BIN, .CUE, .DMG, .ISO, .MDF, .TOAST, .VCD, .SDF, .TAR, .TAX2014, .TAX2015, .VCF, .XML, .AIF, .IFF, .M3U, .M4A, .MID, .MP3, .MPA, .WAV, .WMA, .3G2, .3GP, .ASF, .AVI, .FLV, .M4V, .MOV, .MP4, .MPG, .RM, .SRT, .SWF, .VOB, .WMV, .3D, .3DM, .3DS, .MAX, .OBJ, .BMP, .DDS, .GIF, .JPG, .CRX, .PLUGIN, .FNT, .FON, .OTF, .TTF, .CAB, .CPL, .CUR, .DESKTHEMEPACK, .DLL, .DMP, .DRV, .ICNS, .ICO, .LNK, .SYS, .CFG.

Moreover, the 'Supportfriend@india.com' Ransomware might delete backup images that are stored on unprotected drives. Server admins that are facing an attack with the 'Supportfriend@india.com' Ransomware will notice that SQL servers and sites cannot be loaded due to corrupted data. For example, the file promotions_September_2016.xslx will be encrypted to promos_September_2016.xslx.id.B0S8UMVO0SG49.'Supportfriend@india.com'. As stated above, the 'Supportfriend@india.com' Ransomware is a variant of CrySIS (not the game engine) and is almost identical to the Ramachandra7@india.com Ransomware and the Mailrepa.lotos@aol.com Ransomware. Unfortunately, there is no free decryptor for the 'Supportfriend@india.com' Ransomware, and users should rely on backups and archives. Just be sure that you are using a clean backup that is not affected by the 'Supportfriend@india.com' Ransomware.
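To scope the damage before restoring from backup, a file listing can be checked for the rename suffix described above. The following is an added example, not part of the original article: the function names and sample paths are constructed, and it assumes the thirteen characters are alphanumeric and treats the quotes and the trailing .xtbl as optional, since the article's own example omits .xtbl.

```python
import re
from collections import Counter
from pathlib import PurePosixPath

# Suffix as described in the article: id.[13 characters].'Supportfriend@india.com'.xtbl
# Assumptions (not from the article): the 13 characters are alphanumeric, and the
# quotes and the trailing .xtbl are optional in the on-disk name.
MARKER = re.compile(
    r"^(?P<orig>.+)\.id\.(?P<vid>[A-Za-z0-9]{13})"
    r"\.'?supportfriend@india\.com'?(?:\.xtbl)?$",
    re.IGNORECASE,
)

def parse_affected_name(filename):
    """Return (original_name, victim_id) if the name carries the marker, else None."""
    m = MARKER.match(filename)
    return (m.group("orig"), m.group("vid")) if m else None

def triage(paths):
    """Summarise a listing: affected files per directory, original extensions, IDs seen."""
    per_dir, per_ext, ids = Counter(), Counter(), set()
    for p in map(PurePosixPath, paths):
        hit = parse_affected_name(p.name)
        if hit is None:
            continue  # untouched file, or a different naming scheme
        orig, vid = hit
        per_dir[str(p.parent)] += 1
        per_ext[PurePosixPath(orig).suffix.lower()] += 1
        ids.add(vid)
    return {"by_dir": dict(per_dir), "by_ext": dict(per_ext), "ids": sorted(ids)}

# Constructed sample listing for illustration (not real victim data).
SAMPLE = [
    "/srv/share/promos_September_2016.xslx.id.B0S8UMVO0SG49.'Supportfriend@india.com'",
    "/srv/share/report.docx.id.B0S8UMVO0SG49.'Supportfriend@india.com'.xtbl",
    "/var/www/index.php.id.B0S8UMVO0SG49.Supportfriend@india.com.xtbl",
    "/var/www/readme.txt",        # clean file
    "/srv/share/notes.id.txt",    # contains ".id." but not the full marker
]

if __name__ == "__main__":
    summary = triage(SAMPLE)
    for key, value in summary.items():
        print(key, value)
```

The per-directory counts show which shares need restoring, and the recovered original names can be matched against a backup catalogue to confirm that a clean copy exists.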

We do not advise paying the ransom since the operators of the 'Supportfriend@india.com' Ransomware do not deliver decryption software to their victims. The continued use of numerous emails and the lack of innovation in the code of the 'Supportfriend@india.com' Ransomware suggest that its operators are desperate to generate money and tend to avoid prolonged exposure to emails from victims. The experts remind users to incorporate a backup solution into their OSes and use a reliable anti-malware suite to remove the 'Supportfriend@india.com' Ransomware safely.

1 Comment

Dear sir,

My server is affected by this 'Supportfriend@india.com' Ransomware.
I can't open anything and all my files are renamed.
How can we make our server the same as before? Is it possible, or do I need to format?
I don't have a backup. Please give me a suggestion.
sajith
