Anti-Capitalist Ransomware

The Anti-Capitalist Ransomware is an encryption ransomware Trojan that was first reported on January 29, 2019. The Anti-Capitalist Ransomware is a variant in the Jigsaw family of ransomware Trojans, which have been active for quite a long time. The Anti-Capitalist Ransomware, like most threats of this type, is designed to take victims' files hostage and then demand a ransom payment from the victim in exchange for returning access to any compromised files.

The Fake Anti-Capitalist Ransomware that Focuses on Money

The Anti-Capitalist Ransomware will use AES encryption to encrypt victims' files in its attack. The Anti-Capitalist Ransomware targets the user-generated files, which may include a wide variety of media files, documents, databases, configuration files, and numerous other data types. The data targeted by threats like the Anti-Capitalist Ransomware target in these infections include:

.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr , .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby , .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, , .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.

The Anti-Capitalist Ransomware makes the damaged files easy to recognize because the Anti-Capitalist Ransomware will add the file extension '.fun' to each affected file. Unfortunately, once the Anti-Capitalist Ransomware enciphers a file, it will no longer be recoverable or recognized by the victim's applications. The Anti-Capitalist Ransomware delivers a ransom note typical of Jigsaw variants, with a countdown timer and various alarming elements. The Anti-Capitalist Ransomware demands a ransom payment of 0.095 Bitcoin, which is 325 USD approximately at the current exchange rate. The Anti-Capitalist Ransomware's ransom note is written in French and includes pictures of Molotov cocktails. It is clear that the criminals responsible for the Anti-Capitalist Ransomware attack have no intention of helping the victims recover their files as with most encryption ransomware Trojans. Therefore, computer users must refrain from paying any ransom associated with the Anti-Capitalist Ransomware attack.

Protecting Your Data from Threats Like the Anti-Capitalist Ransomware

Unfortunately, threats like the Anti-Capitalist Ransomware use encryption methods that are quite strong so that the files encrypted by these attacks are generally unrecoverable. Because of this, it is important that computer users take precautions to ensure that their data can be restored after an attack. This is especially important because these criminals will usually have no intention of restoring the compromised files, even if the ransom is paid. The best protection, therefore, is to have backup copies of all files and store these backups on external devices. Apart from file backups, the use of a security program that is fully up-to-date is fundamental, because it can be used to intercept and remove the Anti-Capitalist Ransomware before it compromises any data.