'decryptxxx@protonmail.com' Ransomware

'decryptxxx@protonmail.com' Ransomware Description

The 'decryptxxx@protonmail.com' Ransomware is a recently uncovered data-locking Trojan. When cybersecurity researchers studied this threat, they found out that the 'decryptxxx@protonmail.com' Ransomware belongs to the Dharma Ransomware family.

It cannot be confirmed what particular propagation methods have the cyber crooks responsible for the 'decryptxxx@protonmail.com' Ransomware used in spreading their threat. However, some malware experts speculate that the infection vectors may include spam emails containing corrupted attachments, bogus software updates and infected pirated applications. When the 'decryptxxx@protonmail.com' Ransomware lands on a system, it will perform a scan. This is done so that the 'decryptxxx@protonmail.com' Ransomware can locate all the files, which it was programmed to target. Then, the encryption process will be triggered.

When the 'decryptxxx@protonmail.com' Ransomware encrypts a file, it will alter its name. The 'decryptxxx@protonmail.com' Ransomware adds a ‘.id-.[decryptxxx@protonmail.com].xxxx’ extension to the newly locked files. This is a pattern that is followed by most variants of the Dharma Ransomware. The next step is to drop the ransom note. The ransom note of the 'decryptxxx@protonmail.com' Ransomware is likely named 'FILES ENCRYPTED.txt' since this is the name used by most ransomware threats that belong to the Dharma Ransomware family. The email provided by the attackers is – 'decryptxxx@protonmail.com.'

It is never advisable to get in contact with cyber crooks like the ones behind the 'decryptxxx@protonmail.com' Ransomware. More often than not, such morally corrupted individuals will go on to promise the victim that all their data will be unlocked if they pay up, but will then ride off into the sunset with the cash and leave the user empty-handed. A much better and much safer option is to download and install a reputable anti-spyware application and have it wipe the 'decryptxxx@protonmail.com' Ransomware off your PC once and for all.