
'Bitcoinpay@india.com' Ransomware

By GoldSparrow in Ransomware

The 'Bitcoinpay@india.com' Ransomware is a ransomware Trojan that carries out a typical ransomware attack on its victims. The 'Bitcoinpay@india.com' Ransomware encrypts victims' files and then demands the payment of a ransom in exchange for the decryption key. Computer users are advised to take precautions, as ransomware threats like the 'Bitcoinpay@india.com' Ransomware have seen increased activity in 2016 and are likely to continue to be a major threat in the coming year.

The 'Bitcoinpay@india.com' Ransomware Attack

The 'Bitcoinpay@india.com' Ransomware is one of the countless variants in the Crysis family of ransomware. It receives this name because the extortionists use the 'Bitcoinpay@india.com' email address to communicate with victims of the attack. There are very few differences between the 'Bitcoinpay@india.com' Ransomware and other variants of Crysis. The 'Bitcoinpay@india.com' Ransomware uses obfuscation techniques that make it difficult for PC security researchers to study this and other Crysis variants. The 'Bitcoinpay@india.com' Ransomware variant, in particular, seems to target servers over individuals' computer systems.

Limiting Server Exposure to the 'Bitcoinpay@india.com' Ransomware Attacks

The 'Bitcoinpay@india.com' Ransomware attack is fairly typical of these infections. It is highly likely that the 'Bitcoinpay@india.com' Ransomware is part of a RaaS (Ransomware as a Service) scheme, where con artists pay other con artists to make custom versions of these ransomware threats for distribution. This accounts for the large number of variants of these threats that exist.

The 'Bitcoinpay@india.com' Ransomware uses combined AES and RSA encryption algorithms to encrypt the victims' data, making the files inaccessible. The 'Bitcoinpay@india.com' Ransomware will encrypt all local drives, as well as shared drives and external memory devices. The 'Bitcoinpay@india.com' Ransomware identifies the files encrypted during the attack by renaming them following the scheme 'filename.id-[8 random characters].bitcoinpay@india.com.xtbl'. According to reports received by our malware analysts, the 'Bitcoinpay@india.com' Ransomware will target the following file types in its attack:

.PNG, .PSD, .PSPIMAGE, .TGA, .THM, .TIF, .TIFF, .YUV, .AI, .EPS, .PS, .SVG, .INDD, .PCT, .PDF, .XLR, .XLS, .XLSX, .ACCDB, .DB, .DBF, .MDB, .PDB, .SQL, .APK, .APP, .BAT, .CGI, .COM, .EXE, .GADGET, .JAR, .PIF, .WSF, .DEM, .GAM, .NES, .ROM, .SAV, .DWG, .DXF, .GPX, .KML, .KMZ, .ASP, .ASPX, .CER, .CFM, .CSR, .CSS, .HTM, .HTML, .JS, .JSP, .PHP, .RSS, .XHTML, .DOC, .DOCX, .LOG, .MSG, .ODT, .PAGES, .RTF, .TEX, .TXT, .WPD, .WPS, .CSV, .DAT, .GED, .KEY, .KEYCHAIN, .PPS, .PPT, .PPTX, .INI, .PRF, .HQX, .MIM, .UUE, .7Z, .CBR, .DEB, .GZ, .PKG, .RAR, .RPM, .SITX, .TAR.GZ, .ZIP, .ZIPX, .BIN, .CUE, .DMG, .ISO, .MDF, .TOAST, .VCD, .SDF, .TAR, .TAX2014, .TAX2015, .VCF, .XML, .AIF, .IFF, .M3U, .M4A, .MID, .MP3, .MPA, .WAV, .WMA, .3G2, .3GP, .ASF, .AVI, .FLV, .M4V, .MOV, .MP4, .MPG, .RM, .SRT, .SWF, .VOB, .WMV, .3D, .3DM, .3DS, .MAX, .OBJ, .BMP, .DDS, .GIF, .JPG, .CRX, .PLUGIN, .FNT, .FON, .OTF, .TTF, .CAB, .CPL, .CUR, .DESKTHEMEPACK, .DLL, .DMP, .DRV, .ICNS, .ICO, .LNK, .SYS, .CFG.
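The renaming scheme described above gives administrators a reliable marker for scoping an incident. The following is an added example, not code from the original article: it parses file names against that scheme and summarises which directories and file types were hit. It assumes the 8 "random characters" are letters or digits, and the sample paths are constructed.

```python
import re
from collections import Counter
from pathlib import PureWindowsPath

# Scheme from the article: filename.id-[8 random characters].bitcoinpay@india.com.xtbl
# Assumption: the 8 "random characters" are letters or digits.
RENAMED = re.compile(
    r"^(?P<original>.+)\.id-(?P<victim_id>[0-9A-Za-z]{8})"
    r"\.bitcoinpay@india\.com\.xtbl$",
    re.IGNORECASE,  # Windows file names are case-insensitive
)


def parse_renamed(path):
    """Return (original_name, victim_id) for a renamed file, else None."""
    match = RENAMED.match(PureWindowsPath(path).name)
    if match is None:
        return None
    return match.group("original"), match.group("victim_id").upper()


def triage(paths):
    """Summarise which directories, IDs and file types a listing shows as hit."""
    report = {"total": 0, "by_dir": Counter(), "by_ext": Counter(), "ids": set()}
    for path in paths:
        parsed = parse_renamed(path)
        if parsed is None:
            continue  # untouched file, or a name that only resembles the scheme
        original, victim_id = parsed
        report["total"] += 1
        report["by_dir"][str(PureWindowsPath(path).parent)] += 1
        report["by_ext"][PureWindowsPath(original).suffix.lower()] += 1
        report["ids"].add(victim_id)
    return report


# Constructed sample listing, not taken from a real incident.
SAMPLE = [
    r"D:\Shares\Finance\q3-report.xlsx.id-A1B2C3D4.bitcoinpay@india.com.xtbl",
    r"D:\Shares\Finance\invoices.pdf.id-A1B2C3D4.bitcoinpay@india.com.xtbl",
    r"D:\Shares\Finance\budget.xlsx",
    r"E:\Backup\site.tar.gz.id-a1b2c3d4.Bitcoinpay@india.com.XTBL",
    r"E:\Backup\notes.id-1234.txt",
]
```

Feeding `triage` a recursive file listing of each local drive and mounted share shows which locations need restoring from backup; the recovered original names tell you what to look for in the backup set.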

There are several measures server administrators can take to limit their exposure to the 'Bitcoinpay@india.com' Ransomware and similar attacks:

  1. Ensure that servers are adequately protected from attacks, using strong passwords and enabling all appropriate security protocols. PC security analysts also strongly advise that appropriate firewalls and security programs be installed to intercept the 'Bitcoinpay@india.com' Ransomware before it begins its attack.
  2. The 'Bitcoinpay@india.com' Ransomware tends to spread through corrupted email attachments and links. Because of this, it is important that all employees at a company be educated on how to handle emails and email attachments safely, especially when dealing with spam emails and unsolicited email attachments.
  3. The best protection against the 'Bitcoinpay@india.com' Ransomware and other ransomware Trojans is to have good backup procedures in place. If there are backups of all vulnerable data, then server administrators can recover from a 'Bitcoinpay@india.com' Ransomware attack quickly by restoring the data from the backup, rather than paying the extraordinarily elevated ransom that the 'Bitcoinpay@india.com' Ransomware demands (4 BitCoin, approximately $2800 USD!). In fact, once having backups becomes a common practice, which is not unlikely considering the decreasing prices of memory devices and cloud storage, ransomware threats like the 'Bitcoinpay@india.com' Ransomware will become obsolete.
