codnat1 Ransomware

A new data-encrypting Trojan was discovered recently. Malware researchers gave it the name codnat1 Ransomware. When dissected, it quickly became apparent that the codnat1 Ransomware is a new version of the popular STOP Ransomware (also known as Djvu Ransomware). Often, instead of creating a whole new ransomware threat, cyber crooks choose to spare some of their time an effort and take most of the code of an already existing file-locking Trojan and mildly alter it to their liking. This is why there are more and more variants of infamous threats like the STOP Ransomware and the Dharma Ransomware) popping up almost daily.

It is unclear what propagation methods are applied in the spreading of the codnat1 Ransomware, but it is highly likely that spam email campaigns, faux updates, and infected pirated software may be among them. Once the codnat1 Ransomware has wormed its way into your computer, it would perform a scan of your data to identify the file types it seeks. When the codnat1 Ransomware locates the files it was programmed to go after, the next step of the attack would kick in - namely, the encryption process. After locking the targeted files, you will notice that their extensions had been altered. The codnat1 Ransomware adds its own extension at the end of the file name affected - '.codnat1.' This means that a photo previously called 'purple-cat.jpg' would be renamed to 'purple-cat.jpg.codnat1' when the codnat1 Ransomware is done with it. After this is done, the codnat1 Ransomware would proceed to drop a ransomware note called '_readme.txt.' In this note, the users will be informed about what has happened to their files. The creators of the codnat1 Ransomware do not mention what the ransom fee demanded is. They only provide the victim with an email address where they are meant to get in touch with the attackers and receive further information – gorentos@bitmessage.ch.

It is strongly advisable that you do not contact shady individuals like the authors of the codnat1 Ransomware. The usual approach of ransomware authors is to insist that once they receive the victim's money, they would solve all their issues (which they caused in the first place). However, more often than not they lose the motivation to help you when they get the cash. Instead, we recommend you to download and install a trustworthy anti-spyware application and have it wipe your PC clean of the codnat1 Ransomware.