'.black007 File Extension' Ransomware

The '.black007 File Extension' Ransomware is an encryption ransomware Trojan. The '.black007 File Extension' Ransomware belongs to the Jigsaw family of ransomware Trojans, which have been around for a considerable time. The '.black007 File Extension' Ransomware was first observed on July 23, 2018, and is nearly identical to the vast majority of threats in this ransomware family. The '.black007 File Extension' Ransomware will mark files encrypted in its attack with the file extension '.black007,' which identifies clearly the compromised content on the victim's computer. The '.black007 File Extension' Ransomware's purpose, like most encryption ransomware Trojans, is to take the victim's files hostage, making them inaccessible and then demanding a ransom payment from the victims to restore access to the compromised content.

A Quick Explanation of the '.black007 File Extension' Ransomware Attack

The '.black007 File Extension' Ransomware is delivered to the victims through spam email attachments. These spam email attachments will use social engineering techniques to trick the victim into opening a Microsoft Word file with embedded macro scripts that download and install the '.black007 File Extension' Ransomware onto the victim's computer. Once the '.black007 File Extension' Ransomware has been installed, the '.black007 File Extension' Ransomware scans the infected computer in search for the user-generated files, which may include media, images, databases, documents, configuration files and other content. The data type that the '.black007 File Extension' Ransomware will search for and encrypt on the victims' computers include:

.ebd, .jbc, .pst, .ost, .tib, .tbk, .bak, .bac, .abk, .as4, .asd, .ashbak, .backup, .bck, .bdb, .bk1, .bkc, .bkf, .bkp, .boe, .bpa, .bpd, .bup, .cmb, .fbf, .fbw, .fh, .ful, .gho, .ipd, .nb7, .nba, .nbd, .nbf, .nbi, .nbu, .nco, .oeb, .old, .qic, .sn1, .sn2, .sna, .spi, .stg, .uci, .win, .xbk, .iso, .htm, .html, .mht, .p7, .p7c, .pem, .sgn, .sec, .cer, .csr, .djvu, .der, .stl, .crt, .p7b, .pfx, .fb, .fb2, .tif, .tiff, .pdf, .doc, .docx, .docm, .rtf, .xls, .xlsx, .xlsm, .ppt, .pptx, .ppsx, .txt, .cdr, .jpe, .jpg, .jpeg, .png, .bmp, .jiff, .jpf, .ply, .pov, .raw, .cf, .cfn, .tbn, .xcf, .xof, .key, .eml, .tbb, .dwf, .egg, .fc2, .fcz, .fg, .fp3, .pab, .oab, .psd, .psb, .pcx, .dwg, .dws, .dxe, .zip, .zipx, .7z, .rar, .rev, .afp, .bfa, .bpk, .bsk, .enc, .rzk, .rzx, .sef, .shy, .snk, .accdb, .ldf, .accdc, .adp, .dbc, .dbx, .dbf, .dbt, .dxl, .edb, .eql, .mdb, .mxl, .mdf, .sql, .sqlite, .sqlite3, .sqlitedb, .kdb, .kdbx, .1cd, .dt, .erf, .lgp, .md, .epf, .efb, .eis, .efn, .emd, .emr, .end, .eog, .erb, .ebn, .ebb, .prefab, .jif, .wor, .csv, .msg, .msf, .kwm, .pwm, .ai, .eps, .abd, .repx, .oxps, .dot.

The '.black007 File Extension' Ransomware will deliver its ransom note in an HTA application window that contains the following message:

'You have been hacked by Apophis Squad!
We have encrypted your files using AES 256, which is NOT easy to reverse! XD
Do not panic, we will let you fix this by sending us a payment.
However I've already encrypted your personal files, so you cannot access them.
Time till file delete.
Send $500 worth of Bitcoin here:
[34 RANDOM CHARCTERS]'

Dealing with the '.black007 File Extension' Ransomware

The payment of the '.black007 File Extension' Ransomware ransom or the contact with the criminals behind the attack is not encouraged in any circumstances. It is unlikely that the criminals responsible for the '.black007 File Extension' Ransomware will help the victims recover their files, even if they pay the large ransom associated with this threat. Because of this, it is important to take preventive measures against the '.black007 File Extension' Ransomware. The best protection against threats is to have file backups. Apart from file backups, it is important to learn how to deal with spam email and unsolicited email attachments safely, since these are some of the most common ways in which the '.black007 File Extension' Ransomware and similar threats are distributed to computer users. A security program also is essential to protect your PC from these threats.