Threat Database Ransomware '.x3m File Extension' Ransomware

'.x3m File Extension' Ransomware

By GoldSparrow in Ransomware

Threat Scorecard

Threat Level: 100 % (High)
Infected Computers: 2
First Seen: November 22, 2016
Last Seen: January 13, 2020
OS(es) Affected: Windows

The '.x3m File Extension' Ransomware is one of the many variants of the Globe Ransomware family that has been active in November of 2016. In Fall of this year, there has been an inordinately large amount of encryption ransomware variants, one of which is the '.x3m File Extension' Ransomware. The '.x3m File Extension' Ransomware is named after the file extension that is used to identify the files that have been encrypted by the '.x3m File Extension' Ransomware. The '.x3m File Extension' Ransomware encrypts the victim's files to demand ransom in exchange for the decryption key. To identify files that have been encrypted in the attack, the '.x3m File Extension' Ransomware uses the extension '.x3m.' The '.x3m File Extension' Ransomware is being distributed using corrupted spam email attachments. These email messages may claim that the victim needs to open an attachment to review a purchase on Amazon or to view a document sent by a contact (whose computer may have been infected to send out spam email). Using these social engineering tactics, con artists can force computer users to install threats like the '.x3m File Extension' Ransomware on their computers.

The '.x3m File Extension' Ransomware Attack

The '.x3m File Extension' Ransomware infection is a fairly typical ransomware Trojan, which uses two encryption algorithms to fully encrypt the victim's files and the decryption key itself. This makes it almost impossible to recover the files that have been encrypted during the '.x3m File Extension' Ransomware attack. The '.x3m File Extension' Ransomware can block all files on the victim's computer, including files on shared memory devices and external drives. The '.x3m File Extension' Ransomware encrypts the files, making them completely inaccessible. The '.x3m File Extension' Ransomware will change the infected file's extension to '.x3m' after encrypting its contents.

The '.x3m File Extension' Ransomware displays a ransom note to alert the victim of the attack and demand the ransom payment. Like other variants of this threat, the '.x3m File Extension' Ransomware uses an HTA application to display the ransom note, which is dropped on the victim's desktop in a file named 'GLOBE.hta.' The following message is displayed on the victim's computer:

'Your files are encrypted!
Your personal ID
[random characters]
Your documents, photos, databases, save games and other important data has been encrypted.
Data recovery is required decipher
To get the interpreter should send to deyscriptors24@india.com In a message write your personal identifier (you can find it in the beginning of this document).
next, you need to pay for the interpreter. In a response letter you will receive the address of Bitcoin-wallet to which you want perform the transfer of funds in the amount of 0.8 bitcoin'

The amount of the ransom, approximately $600 USD at the current exchange rate, is quite high. PC security analysts strongly advise that computer users refrain from paying the '.x3m File Extension' Ransomware's ransom. There are many reasons why the people responsible for the '.x3m File Extension' Ransomware attack cannot be trusted to deliver the decryption key after the payment is carried out. It is equally likely that the con artists will simply ask for more money or ignore the victim altogether.

Dealing with the '.x3m File Extension' Ransomware Attacks

The best measure for dealing with the '.x3m File Extension' Ransomware and other encryption ransomware Trojans is to prevent the attack by ensuring that your computer is well protected. The best protection against the '.x3m File Extension' Ransomware and other variants of this hoax is to have backups of all files. PC security analysts strongly advise having offsite backups, either on the cloud or an external memory device disconnected from the computer. This way, the people responsible for the '.x3m File Extension' Ransomware cannot demand any ransom payment since computer users can recover by restoring the files from the backup quickly.

Trending

Most Viewed

Loading...