Threat Database Ransomware '.CONTACTUS File Extension' Ransomware

'.CONTACTUS File Extension' Ransomware

By GoldSparrow in Ransomware

PC security researchers first observed the '.CONTACTUS File Extension' Ransomware, an encryption ransomware Trojan, on May 30, 2018. The '.CONTACTUS File Extension' Ransomware is being delivered to victims through the use of spam email messages. These messages will often contain a file attachment that includes embedded macro scripts that download and install the '.CONTACTUS File Extension' Ransomware onto the victim's computer. It is important, therefore learn to recognize these email tactics and handle them safely. The file attachments used to deliver threats like the '.CONTACTUS File Extension' Ransomware are usually DOCX or PDF files that require the use of macro scripts to carry out their attacks.

How the '.CONTACTUS File Extension' Ransomware Infects a Computer

Once the '.CONTACTUS File Extension' Ransomware is installed, the '.CONTACTUS File Extension' Ransomware scans the victim's drives in search for the user-generated files, which may include a wide variety of document types. The '.CONTACTUS File Extension' Ransomware behaves nearly identical to other encryption ransomware Trojans, such as the ubiquitous HiddenTear variants that are so common today. The '.CONTACTUS File Extension' Ransomware uses the AES 256 encryption to make the victim's files inaccessible, essentially taking them hostage. The following are some of the file types that threats like the '.CONTACTUS File Extension' Ransomware will target in their attacks:

.3dm, .3g2, .3gp, .7zip, .aaf, .accdb, .aep, .aepx, .aet, .ai, .aif, .as, .as3, .asf, .asp, .asx, .avi, .bmp, .c, .class, .cpp, .cs, .csv, .dat, .db, .dbf, .doc, .docb, .docm, .docx, .dot, .dotm, .dotx, .dwg, .dxf, .efx, .eps, .fla, .flv, .gif, .h, .idml, .iff, .indb, .indd, .indl, .indt, .inx, .jar, .java, .jpeg, .jpg, .js, .m3u, .m3u8, .m4u, .max, .mdb, .mid, .mkv, .mov, .mp3, .mp4, .mpa, .mpeg, .mpg, .msg, .pdb, .pdf, .php, .plb, .pmd, .png, .pot, .potm, .potx, .ppam, .ppj, .pps, .ppsm, .ppsx, .ppt, .pptm, .pptx, .prel, .prproj, .ps, .psd, .py, .ra, .rar, .raw, .rb, .rtf, .sdf, .sdf, .ses, .sldm, .sldx, .sql, .svg, .swf, .tif, .txt, .vcf, .vob, .wav, .wma, .wmv, .wpd, .wps, .xla, .xlam, .xll, .xlm, .xls, .xlsb, .xlsm, .xlsx, .xlt, .xltm, .xltx, .xlw, .xml, .xqx, .xqx, .zip.

The '.CONTACTUS File Extension' Ransomware will mark the enciphered files with the file extension '.CONTACTUS,' added to the end of each affected file's name. The '.CONTACTUS File Extension' Ransomware delivers a ransom note to the victim in the form of a text file located on the victim's desktop, dwhich is named '!!!!RESTORE_FILES!!!.tx.' The text that is inside of the '.CONTACTUS File Extension' Ransomware ransom note reads:

'All your important files were encrypted on this PC.
All files with .CONTACTUS extension are encrypted.
Encryption was produced using unique private key RSA-1024 generated for this computer.
To decrypt your files, you need to obtain private key + decrypt software.
To retrieve the private key and decrypt software, you need to CONTACTUS us by email decryption@bitmessage.ch send us an email your !!!RESTORE_FILES!!!.txt file and wait for further instructions.
For you to be sure, that we can decrypt your files - you can send us a 1-3 any not very big encrypted files and we will send you back it in a original form FREE.
Price for decryption $600 if you contact us first 72 hours.

Your personal id:
[40 random characters]

E-mail address to contact us:
decryption@bitmessage.ch
Reserve e-mail address to contact us:
decryption@india.com'

Dealing with the '.CONTACTUS File Extension' Ransomware

Computer users are counseled to shun from paying the 600 USD ransom that the '.CONTACTUS File Extension' Ransomware demands. However, when the '.CONTACTUS File Extension' Ransomware finds and changes the files, they will be inaccessible. Because of this, preventive measures are very effective against this threat. The best you can do to be protected against threats like the '.CONTACTUS File Extension' Ransomware is to have file backups stored on the cloud or a removable memory device. This, coupled with a strong security program, is the best way to ensure that threats like the '.CONTACTUS File Extension' Ransomware can be prevented and that the data compromised by the attack can be recovered easily.

Trending

Most Viewed

Loading...