AG88G Ransomware

AG88G Ransomware Description

Ransomware threats have been plaguing users online for quite a few years, and it would seem that cyber crooks are not losing interest in creating and distributing file-locking Trojans. Often, they would use the code of an already established ransomware threat to generate a data-locker. This is the case of the AG88G Ransomware. This file-encrypting Trojan is a variant of Matrix Ransomware.

Propagation and Encryption

The majority of the authors of ransomware threats propagate them via phishing emails. Often, the email would have a fraudulent message and a macro-laced attachment or a corrupted link. Another popular distribution method is malvertising. Cybercriminals would set up fake advertisements that are designed to mislead the user into installing malware on their system. Torrent trackers, bogus software updates/downloads, and fraudulent posts on social media are other common infection vectors in regards to data-lockers like the AG88G Ransomware. This nasty Trojan is likely to go after images, audio files, presentations, spreadsheets, documents, databases, archives, and many other filetypes once it encrypts a targeted system. This means that if the AG88G Ransomware compromises your PC, the majority of the data present on your computer will be locked. Once the AG88G Ransomware locks a file, it changes its filename by renaming it to '[].<VICTIM ID>-<VICTIM ID>. AG88G.' This means that the original filename is lost.

The Ransom Note

Upon completing the encryption process, the AG88G Ransomware would drop a ransom note on the breached host. The name of the file that contains the ransom message of the attack's perpetrators is 'Readme_AG88G.rtf.' In the note, the attackers warn users against using any third-party software to recover their da or they may lose their files. The authors of the AG88G Ransomware ask to be contacted via email. The email address provided is ‘'

It is best to stay away from cybercriminals. Even if you give in to their demands, they may never send you the decryption key you need to restore your files. You should remove the AG88G Ransomware from your system with the assistance of a reputable, up-to-date anti-malware solution.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.