Bitx Ransomware
2019 has been marked with very high ransomware activity. The two most active ransomware families this year have been the STOP Ransomware and Dharma Ransomware families definitely. Cyber crooks worldwide have pumped out dozens upon dozens of variants of these data-locking Trojans in the wild and have claimed countless victims. Among the newest spotted copies of the Dharma Ransomware is a threat dubbed the Bitx Ransomware.
Propagation and Encryption
Cybercrooks are very creative when it comes to propagating their threatening creations. However, some of the most popular infection vectors used in the distribution of ransomware threats are spam emails containing macro-laced attachments, torrent trackers, fake software updates, and bogus pirated copies of popular applications. Upon infecting a system, the Bitx Ransomware will scan the PC looking for the file types it was programmed to target. Ransomware threats usually go after a very long list of file types, as this will increase the probability of the victim to consider paying up the ransom fee demanded. When all the files of interest have been located, the Bitx Ransomware will proceed by triggering its encryption process. When a file gets locked by the Bitx Ransomware, its name will be changed. This threat appends a new extension to the affected files - '.id-
The Ransom Note
The Bitx Ransomware’s ransom note is stored in two files - ‘Info.hta’ and ‘FILES ENCRYPTED.txt.’ Most cyber crooks whom distribute copies of the Dharma Ransomware do not mention a ransom fee, and the Bitx Ransomware is no exception. However, there is no doubt that the victims will be asked to pay a hefty sum as soon as they contact the attackers. The authors of the Bitx Ransomware demand to be contacted via email - ‘1btc@qbmail.biz.’
We would advise you strongly against contacting cybercriminals like the ones responsible for the Bitx Ransomware. They will promise you to reverse all the damage that has been done to your data as long as you pay up undoubtedly. However, cybercriminals rarely deliver on their promises. This is why it is far safer to trust a genuine anti-malware tool to remove this nasty Trojan from your computer and ensure your safety online going forward.
