Some of the most dangerous malware for computers today are currently ransomware that perform encryption actions while seeking monetary gain from victimized computer users. Such ransomware have taken the computer security world by storm and are relentless in their destruction through permanently damaging computer files and applications. Cybercriminal groups from Russia are now taking advantage of methods that apply full encryption of the files it processes.
What is known as the Troldesh ransomware, is an extremely aggressive crypto ransomware that originated from Russia and can open a communication channel with victims for payment instructions. Through the opened communication channel, the price that is asked to pay for a file decryption key may be negotiated in some aspects.
Troldesh Ransomware may also be identified by the name of Encoder.858 and Shade. In most instances of spreading it is distributed through spam messages. Upon initializing from opening up the spam message attachment containing Troldesh it will then start locking up data on the infected system changing file extensions to XBTL. Once this process has started, it will then display the ransom message directing computer users to open a Readme text file for additional details.
Over the course of the past year, crypto ransomware like CrytoLocker have evolved to fine tune their payment details for collection of payments from victimized computer users. In the case of Troldesh Ransomware, the payment options are somewhat flexible where it offers users the opportunity to receive a discount of about 50% lowering the price from $278 to $131 to obtain the decryption key.
Like other ransomware, seeking a decryption key is thought to be essential for recovering files that were encrypted by the malware. For those that fail to decrypt the encrypted files, Troldesh Ransomware will have taken oven the computer and caused irreversible damage to the affected files.
The Russian cybercrooks who have crafted Troldesh Ransomware look to gain trust and additional business through the practice of offering a so-called discount for buying a decryption key. Avoiding the case of needing a discount and paying the fee asked by Troldesh Ransomware, computer users may take refuge in an anti-spyware application capable of detecting and removing ransomware.
As a side note, computer users who are faced with the Troldesh Ransomware and offered a discounted price to obtain a decryption key, it is highly suggested to avoid the temptation. The best method of protection from ransomware like Troldesh is backing up your files and storing your backup copy in a safe place that cannot be affected by future infections.