
BG85 Ransomware

The BG85 Ransomware is an encryption-type malware that locks up data on users' computers, making it inaccessible without a special decryption key. The BG85 Ransomware is part of the Matrix Ransomware family and uses the AES-256 and RSA-2048 encryption algorithms. After the BG85 Ransomware finishes the encryption, it changes the files' names to [BobGreen85@criptext.com], followed by a string of random characters; then, it appends the extension ".BG85." to every encrypted file.

How to Recognize a BG85 Ransomware Infection

Every affected computer receives an individual ID consisting of random numbers and letters. In the ransom note, the attackers ask the victim to contact them at one of the three given e-mail addresses (bobgreen85@aol.com, bobgreen85@criptext.com, or bobgreen85@tutanota.com), and the message's subject should contain the user's ID. The ransom note is dropped as a file named "BG85_INFO.rtf" in each folder that contains encrypted files.
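The file-system indicators described above (the renamed files and the "BG85_INFO.rtf" note) can be checked for across a directory tree. The following is an added example, not code from the original page: the function names, the sample tree and the exact shape of the file-name pattern (a dot before the extension, the trailing dot of ".BG85." treated as optional) are assumptions.

```python
import os
import re
import tempfile

NOTE_NAME = "bg85_info.rtf"  # ransom note name from the page, compared case-insensitively
# Renamed files: "[BobGreen85@criptext.com]" + random characters + ".BG85" extension.
# Assumption: the separator before the extension is a dot and the trailing dot
# in the page's ".BG85." is optional.
ENCRYPTED_RE = re.compile(r"^\[BobGreen85@criptext\.com\].*\.BG85\.?$", re.IGNORECASE)


def scan(root):
    """Return {directory: {"note": bool, "encrypted": [names]}} for affected directories."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root, onerror=lambda err: None):
        has_note = any(name.lower() == NOTE_NAME for name in files)
        encrypted = sorted(name for name in files if ENCRYPTED_RE.match(name))
        if has_note or encrypted:
            findings[os.path.relpath(dirpath, root)] = {"note": has_note, "encrypted": encrypted}
    return findings


def triage(findings):
    """Split findings: both indicators present (confirmed) vs. only one (needs review)."""
    confirmed = sorted(d for d, f in findings.items() if f["note"] and f["encrypted"])
    review = sorted(d for d, f in findings.items() if not (f["note"] and f["encrypted"]))
    return confirmed, review


def build_sample_tree(root):
    """Constructed sample data: empty files that only imitate the naming pattern."""
    layout = {
        "docs": ["BG85_INFO.rtf", "[BobGreen85@criptext.com].a1B2c3D4-x9Y8z7.BG85", "notes.txt"],
        "photos": ["holiday.jpg"],
        "shared": ["BG85_INFO.rtf"],  # note without renamed files: flagged for review
    }
    for folder, names in layout.items():
        os.makedirs(os.path.join(root, folder))
        for name in names:
            open(os.path.join(root, folder, name), "w").close()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        confirmed, review = triage(scan(tmp))
        print("confirmed:", confirmed)
        print("review:", review)
```

Directories listed as confirmed show both indicators, which tells a responder which folders to restore from backup; a directory with only one indicator warrants a manual look.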

Is There a Way to Recuperate the Encrypted Files?

The BG85 Ransomware is typically spread through malspam campaigns in which the cybercriminals embed the corrupted executables within e-mail attachments masked as important documents. Computers can also get infected with ransomware through corrupted software downloaded from unreliable sources on the Internet. Unfortunately, the files encrypted by the BG85 Ransomware can only be recovered from backups, while the malware itself can be removed with an anti-malware program.
