'callmegoat@protonmail.com' Ransomware

The 'callmegoat@protonmail.com' Ransomware is an encryption ransomware Trojan that was first observed on March 19, 2019. The 'callmegoat@protonmail.com' Ransomware carries out a typical encryption ransomware attack, taking over the victim's computer and blocking access to the victim's data to extract a ransom payment. The 'callmegoat@protonmail.com' Ransomware is a variation in the Globe Imposter family of Ransomware Trojans, a large group of malware threats that operate nearly identically to each other.

How the 'callmegoat@protonmail.com' Ransomware Trojan Enter a Computer

The 'callmegoat@protonmail.com' Ransomware is typically delivered to the victims via corrupted spam email attachments, a common method of delivering encryption ransomware Trojans. The 'callmegoat@protonmail.com' Ransomware uses a strong encryption algorithm to target the user-generated files. These files may include a wide variety of media files, document types, and other data containers. The files that threats like the 'callmegoat@protonmail.com' Ransomware target in these attacks include:

.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr , .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby , .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, , .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.

The files encrypted by the 'callmegoat@protonmail.com' Ransomware attack can be easily recognized because this threat adds the file extension '{CALLMEGOAT@PROTONMAIL.COM}CMG' to each file that is encrypted by its attack. The 'callmegoat@protonmail.com' Ransomware delivers a ransom note in the form of an HTML file named 'decrypt_files.html' dropped on the infected computer system's desktop after the files are compromised. The following is the ransom note contained in this HTML file:

'YOUR FILES ARE ENCRYPTED!
IF YOU SEE IT - DO NOT TRY TO DECRYPT ? THE FILES YOURSELF!!!?
ALL YOUR IMPORTANT DATA HAS BEEN ENCRYPTED.
To decrypt all your files, you need a decryption program.
To get a program to decrypt your data you need to do a few steps:
1. To make sure that we can actually decrypt your files. You can send us a file for the test. This can be a picture or a text file. Size less than 5 MB. Send to our mail: CALLMEGOAT@PROTONMAIL.COM .
2. Send your PERSONAL ID in the letter (you will find it at the very beginning of this document)
3. We will decode your test file so you are sure. We will also send you the amount you need to pay to get the program to decrypt.
4. We will send you instructions on how to pay for the decryption program. After payment, we will send you a program and instructions on how to decrypt all the files.'

Dealing with the 'callmegoat@protonmail.com' Ransomware

The contents of the 'callmegoat@protonmail.com' Ransomware ransom note should be ignored. Unfortunately, the 'callmegoat@protonmail.com' Ransomware attack will make the files unrecoverable. Therefore, the best safeguard against threats like the 'callmegoat@protonmail.com' Ransomware is to have backup copies of all data stored in an accessible location, which can be used to replace any compromised files.>