Berost Ransomware

Recently, another file-locking Trojan emerged from the depths of the dark world of cybercrime – the Berost Ransomware. Soon enough, after malware experts took a close look into it, it was established that the Berost Ransomware is from the STOP Ransomware family, which has gained some traction. Like in the case of the Berost Ransomware, cyber crooks choose to alter an already existing ransomware threat and make their own variant instead of creating one from scratch. It would seem that more and more shady individuals are eager to jump on the 'ransomware train' because it is perceived as a promise for easy cash generated in a short amount of time.

As it is with most ransomware threats, the most likely and most common ways of propagating these pests are via fake update notifications, mass spam email campaigns and infected pirated software. Upon settling onto your PC, the Berost Ransomware would start looking for files to encrypt by scanning your computer. After performing the scan, the Berost Ransomware would move onto the next step of the attack swiftly, which is encrypting your files. When the Berost Ransomware locks a file, it will change its name by adding the '.berost' extension. This is where its name is derived from too. So, if you had a music video on your PC that you had named 'Billie-Eilish.mp4,' the Berost Ransomware would alter this to 'Billie-Eilish.mp4.berost' and thus render it unusable. Then, the Berost Ransomware drops a ransom note with the name '_readme.txt.' The creators of the Berost Ransomware do not specify what the ransom fee would be to decrypt your data, but they provide you with two email addresses where the victim would receive further information – gorentos@bitmessage.ch and vengisto@firemail.cc.

We would recommend you to stay away from cybercriminals like the ones responsible for the Berost Ransomware. They will promise you to unlock all your data if you pay them, but you can never have a guarantee that they possess a decryption tool. Even if they do, they are likely not to bother sending it to you once they get your money. What you can do instead is download a trusted and reputable security suite and trust it with wiping the Berost Ransomware off your system.