
Bitcoinrush Ransomware

By GoldSparrow in Ransomware

The Bitcoinrush Ransomware is an encryption ransomware Trojan. These threats are used to take the victims' files hostage, demanding the payment of a ransom to restore the computer user's files. The Bitcoinrush Ransomware scans the victim's computer, encrypting the victim's files using a strong encryption method and then appending the extension 'the Bitcoinrush@aol.com.xtbl' to each file it encrypts. After encrypting the victim's files, the Bitcoinrush Ransomware drops ransom notes in each directory where it encrypted content. The ransom note associated with the Bitcoinrush Ransomware will explain to the victim why the files can no longer be accessed and includes information about the payment.

Backups are the Safest Way to Recover Encrypted Files

The full text of the Bitcoinrush Ransomware ransom note, which is dropped in each directory where the Bitcoinrush Ransomware encrypted a file, reads:

Attention!!! To restore information email technical support send 3 encrypted files the Bitcoinrush@aol.com

This is a very short ransom note. After emailing, the computer user will receive a response with further instructions. PC security analysts strongly advise computer users against paying the ransom. Paying the ransom enables the Bitcoinrush Ransomware's developers to continue creating threats and profiting at the expense of computer users. There is also no guarantee that the Bitcoinrush Ransomware's developers will restore the victim's files after the payment is made. After all, you are not dealing with the most trustworthy kind of people when dealing with threat creators! Computer users are advised to restore their files from a backup and, in some cases, they may have some success by using a file recovery application.

How the Bitcoinrush Ransomware Infects a Computer

Several artifacts have been linked to the Bitcoinrush Ransomware. This threat creates file names with the following structure:

%encryptedfilename%.id-[id number for the victim]-the Bitcoinrush@aol.com

The Bitcoinrush Ransomware encrypts many file formats, especially targeting .doc, .zip, and .rtf files on the victim's computer. The Bitcoinrush Ransomware's ransom notes are not in the form of .txt files, as is common with many other encryption ransomware Trojans. In most cases, the Bitcoinrush Ransomware is distributed using corrupted email attachments or embedded URLs. The following are files that have been linked to the Bitcoinrush Ransomware infection:

!Where_are_my_files!.html
%AppData%\Microsoft\Windows\Start Menu\Programs\Startup\x.vbs
%AppData%\bg.jpeg
%AppData%\files.txt
%AppData%\keys.dat
%UserProfile%\the Bitcoinrush\[ransomware_exec].exe

The following Registry entries have been associated with the Bitcoinrush Ransomware:

HKCU\Software\the Bitcoinrush\
HKCU\Software\the Bitcoinrush\AESFORUPRIVATE
HKCU\Software\the Bitcoinrush\UPRIV
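
As a triage aid for responders, the following added example (not code from this write-up or from any vendor tool) walks a directory tree for files that follow the naming structure above, recovers the original file names and victim ids, and checks for the dropped files listed above. It assumes the victim id contains no hyphen and treats the '.xtbl' suffix as optional; the function names are hypothetical, and the Registry entries are not checked.

```python
import os
import re
from pathlib import Path

# Naming scheme from the write-up: <original>.id-<victim id>-the Bitcoinrush@aol.com
# with the '.xtbl' suffix mentioned in the description treated as optional.
# Assumption: the victim id contains no hyphen.
ENCRYPTED_RE = re.compile(
    r"^(?P<original>.+)\.id-(?P<victim_id>[^-]+)-the Bitcoinrush@aol\.com(?:\.xtbl)?$",
    re.IGNORECASE,
)
RANSOM_NOTE = "!Where_are_my_files!.html"

# Dropped files listed in the write-up, relative to the variable they hang off.
# The executable name is elided on the page, so only its folder is checked.
DROPPED = {
    "APPDATA": [
        r"Microsoft\Windows\Start Menu\Programs\Startup\x.vbs",
        "bg.jpeg", "files.txt", "keys.dat",
    ],
    "USERPROFILE": ["the Bitcoinrush"],
}

def parse_encrypted_name(name):
    """Return (original_name, victim_id) if name follows the scheme, else None."""
    m = ENCRYPTED_RE.match(name)
    return (m["original"], m["victim_id"]) if m else None

def scan_tree(root):
    """Walk root and report renamed files, victim ids and ransom-note folders."""
    report = {"encrypted": [], "victim_ids": set(), "note_dirs": []}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            parsed = parse_encrypted_name(name)
            if parsed:
                report["encrypted"].append((os.path.join(dirpath, name), parsed[0]))
                report["victim_ids"].add(parsed[1])
            elif name.lower() == RANSOM_NOTE.lower():
                report["note_dirs"].append(dirpath)
    return report

def dropped_files_present(env=os.environ):
    """Return the listed dropped files/folders that exist under the given environment."""
    hits = []
    for var, rel_paths in DROPPED.items():
        base = env.get(var)
        for rel in rel_paths if base else []:
            candidate = Path(base, *rel.split("\\"))
            if candidate.exists():
                hits.append(str(candidate))
    return hits
```

The list of original file names returned by scan_tree can be compared against a backup inventory to decide what needs restoring.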

The way to become invulnerable to the Bitcoinrush Ransomware and similar attacks is to back up all files regularly, utilizing an external drive or an online service. Make sure that the backup is off-site, since the Bitcoinrush Ransomware and similar threats will encrypt files in all drives detected on the affected computer. A real-time anti-malware program can block threats like the Bitcoinrush Ransomware before they begin encrypting the victim's computer.

The following are some tips that can help you stay protected from the Bitcoinrush Ransomware and similar threats:

  • Make sure that all of your files are backed up regularly. The cost of an effective backup will always be a fraction of what it would cost to recover from a Bitcoinrush Ransomware attack (or a similar infection). The backup of files is a necessary online practice since hard drives will fail after a certain point in time.
  • Use System Restore and similar utilities regularly to ensure that your computer can be restored to a certain setting or date.
  • Do not install any programs that you are not familiar with. Avoid websites that are commonly linked to threats and online hoaxes, such as file sharing websites and pornographic Web pages.
  • When installing any software, pay attention to every step of the installation process to avoid installing any bundled content that is not directly related to your program.
  • Avoid opening email messages and attachments from unknown senders. This also applies to social media messages and other forms of online communication.
