
Darknes@420blaze.it Ransomware

By GoldSparrow in Ransomware

The Darknes@420blaze.it Ransomware is an encryption ransomware Trojan first observed on October 11, 2018. It is a hybrid of two well-known encryption ransomware Trojans, Crysis and Dharma, and criminals have started releasing variants in this hybrid family to carry out attacks on computer users. Like most encryption ransomware Trojans, the Darknes@420blaze.it Ransomware is designed to make the targeted files unusable and then demand a ransom payment from the victim in exchange for the decryption key needed to restore the damaged files.

Taking a Look at the Darknes@420blaze.it Ransomware Infection Process

The Darknes@420blaze.it Ransomware is delivered to victims through corrupted email attachments that use macro scripts to download and install the threat onto the victim's computer. Once installed, the Darknes@420blaze.it Ransomware uses a strong encryption algorithm to encrypt the victim's files and make them inaccessible. It then appends the file extension '.id-.[Darknes@420blaze.it].waifu' to each affected file. The Darknes@420blaze.it Ransomware targets user-generated files, which include media files and a wide variety of document types. The files targeted by threats like the Darknes@420blaze.it Ransomware include:

.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr, .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby, .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.

The Darknes@420blaze.it Ransomware delivers its ransom note in the form of a text file named 'FILES ENCRYPTED.txt,' which demands a ransom payment from the victim in exchange for the means to recover the affected files. A typical ransom demand included in a Darknes@420blaze.it Ransomware attack reads:

'All your files have been encrypted!
All your files have been encrypted due to a security problem with your PC. If you want to restore them, write us to the e-mail darknes@420blaze.it
Writer this ID in the title of your message: [random characters]
You will have to pay for decryption in Bitcoins. The price depends on how fast you write to us. After payment, we will send you the decryption tool that will decrypt all your files.'

However, affected users are counseled to ignore the contents of this ransom demand.
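The appended extension and the ransom note name described above are enough to scope which folders were hit during triage. The following is an added example, not code from the original article: the function names and the sample tree are constructed for illustration, and because the article does not give the format of the ID inside the extension, the pattern accepts any run of non-dot characters there.

```python
import os
import re
import tempfile
from collections import Counter

# Indicators taken from the article: ransom note name and appended extension.
NOTE_NAME = "FILES ENCRYPTED.txt"
# The article prints the suffix as '.id-.[Darknes@420blaze.it].waifu'; the ID
# format is not stated, so any non-dot characters are accepted (assumption).
SUFFIX_RE = re.compile(
    r"\.id-[^.\\/]*\.\[darknes@420blaze\.it\]\.waifu$", re.IGNORECASE)

def classify(filename):
    """Return ('note', None), ('encrypted', original_name) or (None, None)."""
    if filename.lower() == NOTE_NAME.lower():
        return "note", None
    m = SUFFIX_RE.search(filename)
    if m and m.start() > 0:
        return "encrypted", filename[:m.start()]
    return None, None

def scan(root):
    """Walk root and return per-directory counts of renamed files and notes."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        counts = Counter()
        for name in files:
            kind, _orig = classify(name)
            if kind:
                counts[kind] += 1
        if counts:
            report[os.path.relpath(dirpath, root)] = dict(counts)
    return report

def demo():
    """Build a constructed sample tree (empty files only) and scan it."""
    with tempfile.TemporaryDirectory() as root:
        docs = os.path.join(root, "docs")
        os.makedirs(docs)
        for name in ("report.docx.id-SAMPLEID.[Darknes@420blaze.it].waifu",
                     "photo.jpg.id-SAMPLEID.[darknes@420blaze.it].WAIFU",
                     "untouched.pdf", NOTE_NAME):
            open(os.path.join(docs, name), "w").close()
        open(os.path.join(root, "notes.txt"), "w").close()
        return scan(root)

if __name__ == "__main__":
    for folder, counts in demo().items():
        print(folder, counts)
```

Pointing `scan()` at a mounted copy of the affected volume gives a per-folder count that can be compared against backup coverage; `classify()` also returns the pre-infection file name for matching against backup catalogs.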

Dealing with a Darknes@420blaze.it Ransomware Infection

Unfortunately, computer users cannot restore the files affected by threats like the Darknes@420blaze.it Ransomware. With this in mind, the best protection against these infections is to ensure ahead of time that your files can be recovered. Computer users should keep file backups and run a security application to counteract such threats.
