'DIGITALKEY@163.com' Ransomware

By GoldSparrow in Ransomware

The 'DIGITALKEY@163.com' Ransomware is an encryption Trojan that uses industry-grade encryption mechanisms to lock the data of compromised users. The 'DIGITALKEY@163.com' Ransomware surfaced in October 2016 in spam emails. Users reported that they downloaded a document and enabled macros to load the text properly because a banner directed them to do so. Soon after they opened the document, files on the PC appeared as blank-page icons carrying unfamiliar names.

Initial code analysis revealed that the 'DIGITALKEY@163.com' Ransomware is a member of the Crysis family of crypto malware, which uses the '.xtbl' suffix to mark corrupted objects. The '.xtbl' suffix is also favored by other threats such as Bitcoinrush and Troldesh. The 'DIGITALKEY@163.com' Ransomware is known to encrypt standard data containers used to store family photos, work documents, personal videos and audio recordings. The 'DIGITALKEY@163.com' Ransomware does not sport fancy features and is not likely to lock data on password-protected drives and network shares. However, data on the primary system drive and local drives is not safe.

The 'DIGITALKEY@163.com' Ransomware is programmed to look for targeted containers on accessible storage connected to your PC and build an index file. The index is used as a reference when the encryption engine is initiated. Users who keep track of system parameters might notice increased read/write load and power consumption. A quick look in the default user library may reveal that files are being encrypted in the background. Victims of the 'DIGITALKEY@163.com' Ransomware can recognize affected objects by their new names and the '{DIGITALKEY2@163.com}.xtbl' extension. For example, 'optic_nerve.png' will be encrypted and renamed to '[random_characters].{DIGITALKEY2@163.com}.xtbl', and the user will not be able to access the content.

Decryption is unlikely to be provided because the aim of the 'DIGITALKEY@163.com' Ransomware is to cause damage and offer a solution in exchange for money. Security experts advise against paying the ransom required by the operators of the 'DIGITALKEY@163.com' Ransomware. Usually, victims are asked to make a payment in the range of 0.5 to 2 Bitcoins, which means paying from 314 USD to 1257 USD according to exchange rates at the time of writing. You should avoid contact with DIGITALKEY@163.com and use clean backup images to recover from an attack by crypto malware. Manual removal of the 'DIGITALKEY@163.com' Ransomware is not recommended unless you are a security researcher who knows where to look and how to remove Trojans. An easy method to remove the 'DIGITALKEY@163.com' Ransomware is to use a reliable anti-malware scanner.
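When scoping a restore from clean backups, the renaming pattern described above can be used to inventory which folders were hit. The script below is an added example, not part of the original article: it generalizes the '{DIGITALKEY2@163.com}.xtbl' extension to any '.{address}.xtbl' suffix (an assumption), and its sample file names are constructed.

```python
import os
import re
import tempfile
from collections import Counter

# Suffix from the article: '<random_characters>.{DIGITALKEY2@163.com}.xtbl'.
# Assumption: related variants keep the same '.{contact-address}.xtbl' shape,
# so the address is captured rather than hard-coded.
MARKER = re.compile(r"\.\{(?P<contact>[^{}@\s]+@[^{}@\s]+)\}\.xtbl$", re.IGNORECASE)


def inventory(root):
    """Walk root; return (matches per directory, matches per contact address)."""
    by_dir, by_contact = Counter(), Counter()
    # Unreadable directories are skipped instead of aborting the scan.
    for dirpath, _dirs, files in os.walk(root, onerror=lambda err: None):
        for name in files:
            match = MARKER.search(name)
            if match:
                by_dir[os.path.relpath(dirpath, root)] += 1
                by_contact[match.group("contact").lower()] += 1
    return by_dir, by_contact


def build_sample_tree(root):
    """Constructed sample data: empty files with made-up names."""
    layout = {
        "Pictures": ["a8Xk2Qz1.{DIGITALKEY2@163.com}.xtbl", "holiday.jpg"],
        "Documents": ["Zp01LmKd.{DIGITALKEY2@163.com}.xtbl",
                      "r7Tt9wYa.{DIGITALKEY2@163.com}.XTBL",
                      "notes.xtbl",      # plain .xtbl without the marker: ignored
                      "report.docx"],
    }
    for folder, names in layout.items():
        os.makedirs(os.path.join(root, folder), exist_ok=True)
        for name in names:
            open(os.path.join(root, folder, name), "w").close()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        dirs, contacts = inventory(tmp)
        for folder, count in sorted(dirs.items()):
            print(f"{count:5d}  {folder}")
        print("marker addresses:", dict(contacts))
```

Pointing `inventory()` at a user profile or a mounted disk image gives a per-folder count of renamed files, which shows which backup sets need restoring.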
