Afrodita Ransomware Description
Most authors of ransomware tend to propagate their creations as far and as wide as they possibly can. However, this is not always the case. Some con actors that propagate ransomware threats prefer to concentrate their efforts on fewer targets, but of higher quality. It would appear that this is the case with the recently spotted file-locking Trojan called the Afrodita Ransomware.
Propagation and Encryption
The authors of the Afrodita Ransomware have opted to target companies operating in Croatia exclusively. The Afrodita Ransomware is being propagated via phishing emails that contain a fraudulent message containing various social engineering tricks and a corrupted attachment, which at first glance appears to be nothing more than a regular spreadsheet. However, the spreadsheet is macro-laced, which means that if the intended target launches the file, the payload of the Afrodita Ransomware will be downloaded and executed. Next, the Afrodita Ransomware will make sure to sniff out all the file types it was programmed to target, and when this phase of the attack has been completed, the threat will begin the encryption process.
The Ransom Note
When the Afrodita Ransomware locks all the targeted file successfully, the threat will drop a ransom note on the user’s desktop. The note is named ‘__README__ENCRYPTED__AFRODITA__.txt.’ The message of the authors of the Afrodita Ransomware is rather short and to the point. Instead of explaining to the users that they have become a victim of a ransomware attack, the creators of the Afrodita Ransomware simply link them to a Tor-based page where the person can get in touch with the attackers. The authors of this nasty Trojan do not mention a specific ransom fee, but it is likely that they will demand no less than several hundred dollars in exchange for a decryption key.
It is best to avoid contacting cybercriminals as there is a very slim chance that they will keep the promises they will make to you. Many victims of data-encrypting Trojans like the Afrodita Ransomware never receive the decryption key they needed, despite paying the ransom fee. This is why you should consider trusting a reputable anti-virus software suite to clear your system of the Afrodita Ransomware once and for all.
Do You Suspect Your PC May Be Infected with Afrodita Ransomware & Other Threats? Scan Your PC with SpyHunterSpyHunter is a powerful malware remediation and protection tool designed to help provide PC users with in-depth system security analysis, detection and removal of a wide range of threats like Afrodita Ransomware as well as a one-on-one tech support service. Download SpyHunter's FREE Malware Remover
Security Doesn't Let You Download SpyHunter or Access the Internet?Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
- Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
- Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
- Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
- IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.