'.010001 File Extension' Ransomware

The '.010001 File Extension' Ransomware is an encryption ransomware Trojan that is used to take the victims' files hostage. The '.010001 File Extension' Ransomware was first reported on November 12, 2018. It seems that the '.010001 File Extension' Ransomware is being distributed using spam email campaigns, and at the time of this report, about one hundred computer users have downloaded and installed the '.010001 File Extension' Ransomware. The '.010001 File Extension' Ransomware carries out a typical version of the ransomware tactic, demanding a ransom payment from the victim after taking the victims' files hostage.

How the '.010001 File Extension' Ransomware Carries Out Its Attack

The '.010001 File Extension' Ransomware is designed to encrypt the victim's files using a strong encryption algorithm. Once the '.010001 File Extension' Ransomware has encrypted the victim's data, it delivers a ransom note demanding a ransom payment from the victim. The '.010001 File Extension' Ransomware marks all files encrypted by the attack by adding the file extension '.010001' to the end of the affected file. The '.010001 File Extension' Ransomware targets the user-generated files, which may include files with the following file extensions:

.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr , .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby , .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, , .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.

The '.010001 File Extension' Ransomware delivers its ransom note in the form of a text file named 'tmpsfn_as.txt,' which contains the following message:

'ATTENTION!!!! Your personal files are encrypted!
To recover the files, you must:
* Send 500$ to the wallet 123PyVpWMSFW6V2qVyywRz7zhEo3K82M8K
* Send email to "jduy3jd87dhs@grr.la" indicating the reference "11111111111111110000000011110001" when you have paid.
* We will send a decryption program to recover your files.
* Make a backup of this file.
# HELPS #
- How do I buy digital currency with a credit or debit card in the US?
h[ttp]s://support.coinbase[.]com/customer/en/portal/articles/2343234-how-do-i-buy-bitcoin-with-a-debit-card-in-the-us-
- How do I send digital currency to another wallet?
h[ttp]s://support.coinbase[.]com/customer/en/portal/articles/971437-how-do-i-send-digital-currency-to-another-wallet-
- How to Buy Bitcoin on Coinbase, Step by Step
h[tt]ps://www.bitcoinmarketjournal[.]com/buy-bitcoin-on-coinbase/'

Typically, the criminals responsible for the '.010001 File Extension' Ransomware demand a ransom of about 500 USD to be paid via Bitcoin, and the victims are asked to contact the criminals via the 'jduy3jd87dhs@grr.la' email address.

Protecting Your Data from Threats Like the '.010001 File Extension' Ransomware

The best protection against threats like the '.010001 File Extension' Ransomware is to have file backups. Having file backups ensures that computer users can restore the files after they have been compromised by the '.010001 File Extension' Ransomware attack. Apart from file backups, PC security researchers strongly recommend that computer users protect their computers with a reliable, strong security program that is fully up-to-date.