
Bmtf Ransomware

By GoldSparrow in Ransomware

Bmtf Ransomware is a new file-encrypting Trojan discovered in the wild by malware analysts. After dissecting the Bmtf Ransomware, researchers found that this data-locker is a copy of the infamous Dharma Ransomware.

Propagation and Encryption

To make it more likely that the victim will consider paying a ransom fee, the Bmtf Ransomware is likely targeting a very wide range of file types. This means that all .pdf, .doc, .docx, .txt, .ppt, .pptx, .xlsx, .xls, .mp3, .midi, .mid, .wav, .mp4, .mov, .webm, .mpeg, .jpg, .jpeg, .svg, .gif, .png, .rar, .zip, .db, and various other file types will be securely encrypted by the Bmtf Ransomware as soon as it compromises the targeted computer. When the Bmtf Ransomware encrypts a file, it changes the file's name by appending a '.id-.[dfgkbtprz@aol.com].bmtf' extension. Therefore, a file that was named 'crimson-curtain.jpg' will be renamed to 'crimson-curtain.jpg.id-.[dfgkbtprz@aol.com].bmtf.' A unique victim ID is generated for every targeted user. The Bmtf Ransomware may be distributed via different infection vectors: spam emails, torrent trackers, bogus social media profiles, corrupted advertisements online, fake software downloads and updates, etc.

The Ransom Note

After completing the encryption process, the Bmtf Ransomware will drop a file containing the attackers' ransom message on the user's computer. The file is named 'FILES ENCRYPTED.txt.' The attackers' message is not very long. The computer user is asked to pay a ransom fee, but the attackers do not specify the sum. However, they provide two email addresses where the user can contact them: 'dfgkbtprz@aol.com' and 'dfgkbtprzvb@aol.com.' Although the authors of the Bmtf Ransomware do not mention the ransom fee, you can be sure that it is a hefty sum.

It is not a good idea to contact the creators of the Bmtf Ransomware. Cyber crooks are not trustworthy and are unlikely to provide you with the decryption tool you need to recover your files even if you follow all their instructions. It is best to eradicate the Bmtf Ransomware from your PC with the help of a genuine, modern anti-virus software suite.
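The file naming scheme and the ransom note name described above can be checked against a file listing when scoping an infection. The following Python code is an added example, not part of the original article; the regular expression's handling of the victim ID (any run without dots or brackets, possibly empty), the sample paths and the `EXAMPLEID` placeholder are assumptions constructed for illustration.

```python
import re
from collections import Counter
from pathlib import PureWindowsPath

# Naming scheme described on this page: <original>.id-<victim ID>.[<contact>].bmtf
# Assumption: the victim ID has no '.' or brackets and may be empty, since the
# page shows it elided.
BMTF_NAME = re.compile(
    r"^(?P<original>.+)\.id-(?P<victim_id>[^.\[\]]*)"
    r"\.\[(?P<contact>[^\[\]]+)\]\.bmtf$",
    re.IGNORECASE,
)
RANSOM_NOTE = "files encrypted.txt"  # note file name given on this page
PAGE_CONTACTS = {"dfgkbtprz@aol.com", "dfgkbtprzvb@aol.com"}  # from this page

# Constructed sample listing; "EXAMPLEID" is a placeholder, not a real victim ID.
SAMPLE_LISTING = [
    r"C:\Users\alice\Pictures\crimson-curtain.jpg.id-.[dfgkbtprz@aol.com].bmtf",
    r"C:\Users\alice\Documents\budget.xlsx.id-EXAMPLEID.[dfgkbtprz@aol.com].bmtf",
    r"C:\Users\alice\Documents\FILES ENCRYPTED.txt",
    r"C:\Users\alice\Documents\notes.txt",       # untouched file
    r"C:\Users\alice\Documents\report.bmtf.bak",  # contains "bmtf" but not the scheme
]


def triage(paths):
    """Return Bmtf indicators found in an iterable of Windows path strings."""
    report = {"encrypted": [], "notes": [], "victim_ids": set(),
              "other_contacts": set(), "per_directory": Counter()}
    for raw in paths:
        path = PureWindowsPath(raw)
        if path.name.lower() == RANSOM_NOTE:
            report["notes"].append(raw)
            continue
        match = BMTF_NAME.match(path.name)
        if match is None:
            continue
        contact = match["contact"].lower()
        report["encrypted"].append((str(path.parent), match["original"]))
        report["per_directory"][str(path.parent)] += 1
        if match["victim_id"]:
            report["victim_ids"].add(match["victim_id"])
        if contact not in PAGE_CONTACTS:
            report["other_contacts"].add(contact)  # same scheme, different address
    return report


if __name__ == "__main__":
    for directory, original in triage(SAMPLE_LISTING)["encrypted"]:
        print(f"{directory}: original name was {original}")
```

The recovered original names and per-directory counts help decide which backups to restore; the listing itself can come from any directory export of the affected host.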
