[crypt1style@aol.com].mers Ransomware
The [crypt1style@aol.com].mers Ransomware is configured to encrypt the files it targets on the computer it manages to invade and then ask money from its victims to decrypt the compromised files. The [crypt1style@aol.com].mers Ransomware is one more member of the Dharma Ransomware family, a never stop growing family that has caused a lot of problems to the computer users it and it's family members infect. The [crypt1style@aol.com].mers Ransomware adds a file extension to the files it wants to modify, which is the .MERS file extension. To let computer users know why they can't access their data anymore, the [crypt1style@aol.com].mers Ransomware generates a ransom note explaining the situation, providing an emails address for contact, the victims' ID and offering to decode one file for free to prove that they have the means to give their data back. The [crypt1style@aol.com].mers Ransomware is presented to the victims as a text file named RETURN FILES.txt and reads:
'All FILES ENCRYPTED "RSA1024"
All YOUR FILES HAVE BEEN ENCRYPTED!!! IF YOU WANT TO RESTORE THEM, WRITE US TO THE E-MAIL crypt1style@aol.com
IN THE LETTER WRITE YOUR ID, YOUR ID 1E857D00
IF YOU ARE NOT ANSWERED, WRITE TO EMAIL:crypt1style@keemail.me
YOUR SECRET KEY WILL BE STORED ON A SERVER 7 DAYS, AFTER 7 DAYS IT MAY BE OVERWRITTEN BY OTHER KEYS, DON'T PULL TIME, WAITING YOUR EMAIL
FREE DECRYPTION FOR PROOF
You can send us up to 1 file for free decryption. The total size of files must be less than 1Mb (non archived), and files should not contain valuable information. (databases,backups, large excel sheets, etc.)
DECRYPTION PROCESS:
When you make sure of decryption possibility transfer the money to our bitcoin wallet. As soon as we receive the money we will send you:
1. Decryption program.
2. Detailed instruction for decryption.
3. And individual keys for decrypting your files.
!WARNING!
Do not rename encrypted files.
Do not try to decrypt your data using third party software, it may cause permanent data loss.
Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a scam.'
If you want to avoid been infected by threats like the [crypt1style@aol.com].mers Ransomware, the key is to follow the instructions of safe browsing provided by security researchers. However, if the [crypt1style@aol.com].mers Ransomware is already on your machine the quickest way to undo the mess is by using a trusted anti-malware product to remove it from your computer and then the file backup to reconstruct the corrupted files.