Threat Database Ransomware Alice Ransomware

Alice Ransomware

The Alice Ransomware is a threatening piece of software that has been used to target computers around the world. It is typically spread through phishing emails containing tampered attachments or links to unsafe websites. Once installed, it encrypts files on the user's computer and demands a ransom payment to unlock them.

How the Alice Ransomware Damages the Targeted Files

The ransomware uses strong encryption algorithms, including AES-256 and RSA-2048, making it difficult for victims to recover their data without paying the ransom. Once the Alice Ransomware has encrypted a system's data, a message is displayed on the screen informing users that their data has been locked and can only be unlocked by sending a certain amount of Bitcoin (or other digital currency) to the attackers. The attackers also provide detailed instructions on how to pay the ransom.

The Alice Ransomware is particularly threatening because it can spread across networks quickly if not contained, allowing it to encrypt many computers at once. Additionally, the Alice Ransomware often deletes backups, which makes recovery more difficult or impossible. 

Is the Ransom Payment a Recommended Solution?

No, paying a ransom demand is never recommended. Giving into the demands of attackers may give them the incentive to continue their illegal activities and can put your data in jeopardy if they don't keep their end of the bargain. The people controlling the Alice Ransomware demand 150  USD as a ransom. However, paying the ransom does not guarantee the return of your data. In fact, it is likely that you will never get your data back and only be helping to finance criminals. They also provide two ways to communicate with them; @sorry_bro_bivaet (Telegram) and

manner to protect yourself from the Alice Ransomware is to ensure all software is updated with the latest security patches and a backup of any crucial data you have stored on the infected computer saved in an external device or cloud storage.

 The Ransom Note Delivered by the Alice Ransomware

Upon completion of the encryption process, a text file with the name "How To Restore Your Files.txt" is generated. In this file, the victims will find the demands of the attackers to supposedly send the software that can decrypt the damaged data. The note is in Russian and reads:

Привет! твой компьютер заблокирован, данные будут уничтожены полностью. При попытке удаления сгорит материнская плата и жесткий диск. Для сохранения данных необходимо перевести 150 долларов на btc кошелек bc1qaya7rnzp3lx3zcq4v9v4lskahltrd0nq50s4x0 и написать в тг @sorry_bro_bivaet

Translated to English:

'Hello! your computer is locked, the data will be completely destroyed. If you try to remove it, the motherboard and hard drive will burn. To save the data, you need to transfer 150 dollars to the btc wallet bc1qaya7rnzp3lx3zcq4v9v4lskahltrd0nq50s4x0 and write to tg @sorry_bro_bivaet'

How to Deal with an Alice Ransomware Infection

1. Immediately disconnect your computer from the internet. This will prevent the ransomware from spreading further and encrypting other computers on your network.

2. If possible, use your external backup or try using data recovery software to restore encrypted files without paying the ransom. However, the second option is not always successful and cannot be guaranteed.

3. Run a full system scan with updated anti-malware software to detect and remove any malicious files associated with Alice Ransomware.

Related Posts


Most Viewed