
'backtonormal@foxmail.com' Ransomware

By GoldSparrow in Ransomware

The 'backtonormal@foxmail.com' Ransomware is an encryption ransomware Trojan that was first observed on October 19, 2018. It belongs to a large and steadily growing family of encryption ransomware Trojans whose members combine elements of the Crysis and Dharma Ransomware families. Malware analysts observed several variants in this family released in Fall 2018. The 'backtonormal@foxmail.com' Ransomware and its variants are delivered to victims through corrupted spam email attachments. Victims generally receive an email message with an attached Microsoft Office file whose embedded macro scripts download and install the 'backtonormal@foxmail.com' Ransomware onto the victim's computer.

Some Details about the 'backtonormal@foxmail.com' Ransomware Attack

The 'backtonormal@foxmail.com' Ransomware works by blocking all access to the victim's files, essentially taking them hostage. It uses a strong encryption algorithm to make the victim's files unusable. The attack targets a variety of user-generated files, which may include numerous media files, documents, databases and others. The 'backtonormal@foxmail.com' Ransomware scans the victim's drives and may encrypt data located on local drives, network-connected drives, and external memory devices connected to the infected computer. It marks every file it encrypts by appending the file extension '.id-.[backtonormal@foxmail.com].betta' to the affected file's name. The following are examples of the file types that the 'backtonormal@foxmail.com' Ransomware and similar threats target in these attacks:

.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr, .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby, .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.
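
Because every encrypted file carries the marker described above, a responder can inventory the damage by file name alone. The following Python script is an added example, not part of the original article or of any vendor tool; it assumes the text between 'id-' and the next dot may vary or be empty, and its sample paths are constructed.

```python
import os
import re
from collections import Counter
from pathlib import PurePath

# Marker exactly as printed above: '.id-.[backtonormal@foxmail.com].betta'.
# Assumption: the text between 'id-' and the next dot may vary or be empty.
MARKER = re.compile(r"\.id-[^.]*\.\[backtonormal@foxmail\.com\]\.betta$", re.I)


def original_name(filename):
    """Return the file name as it was before the marker was appended, or None."""
    m = MARKER.search(filename)
    return filename[:m.start()] if m and m.start() > 0 else None


def triage(paths):
    """Count marked files per folder and per original extension."""
    by_folder, by_type, marked = Counter(), Counter(), []
    for p in map(PurePath, paths):
        orig = original_name(p.name)
        if orig is None:
            continue  # file name does not carry the marker
        marked.append(str(p))
        by_folder[str(p.parent)] += 1
        by_type[PurePath(orig).suffix.lower() or "(none)"] += 1
    return {"marked": marked, "by_folder": by_folder, "by_type": by_type}


def scan(root):
    """Walk a mounted drive or share (read-only) and triage every file name."""
    found = []
    for folder, _dirs, files in os.walk(root, onerror=lambda err: None):
        found.extend(os.path.join(folder, name) for name in files)
    return triage(found)


# Constructed sample listing (hypothetical paths, not from a real incident).
SAMPLE = [
    "/srv/share/finance/q3.xlsx.id-.[backtonormal@foxmail.com].betta",
    "/srv/share/finance/ledger.qbw.id-CONSTRUCTED.[backtonormal@foxmail.com].betta",
    "/srv/share/finance/notes.txt",
    "/srv/share/photos/site.JPG.id-.[backtonormal@foxmail.com].BETTA",
    "/srv/share/photos/betta-fish.png",
]

if __name__ == "__main__":
    report = triage(SAMPLE)
    print(len(report["marked"]), "marked files")
    for folder, count in report["by_folder"].most_common():
        print(f"{count:5d}  {folder}")
```

Running `scan()` against each local, network and external volume shows which folders were reached and which original file types need to be restored from backup.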

Dealing with the 'backtonormal@foxmail.com' Ransomware Trojan

After taking over the victim's data, the 'backtonormal@foxmail.com' Ransomware delivers a ransom note demanding payment to recover the affected files. Computer users should refrain from paying this ransom. Paying these ransoms allows the criminals to continue creating threats like the 'backtonormal@foxmail.com' Ransomware and claiming more victims. The criminals responsible for the 'backtonormal@foxmail.com' Ransomware rarely, if ever, help the victims of their attacks to recover their files. They are more likely to either ignore the payment altogether or target the victim for additional attacks once the victim has shown a willingness to pay. As with most encryption ransomware Trojans, the best measure against the 'backtonormal@foxmail.com' Ransomware is prevention. Computer users must protect their data by keeping backup copies in the cloud or on an external device. A security program can prevent the 'backtonormal@foxmail.com' Ransomware from being installed in the first place.
