'donald888@mail.fr' Ransomware

The 'donald888@mail.fr' Ransomware is an encryption ransomware Trojan that is based on a hybrid form of ransomware that combines elements of the Dharma Ransomware family and the Crysis Ransomware. This is a larger family of threats that have been active in the most recent year. The 'donald888@mail.fr' Ransomware variant first appeared on January 31, 2019, and carries out a typical version of these tactics. The 'donald888@mail.fr' Ransomware is designed to take the victims' files hostage and then demand a ransom payment from the victim.

How the 'donald888@mail.fr' Ransomware Trojan Attack Works

The 'donald888@mail.fr' Ransomware uses a strong encryption algorithm to make the victim's files inaccessible. The 'donald888@mail.fr' Ransomware targets the user-generated files and then marks every file it encrypts by adding the file extension '.888' to the end of the file's name. The 'donald888@mail.fr' Ransomware targets a variety of media files, documents, configuration files, databases, and numerous others, which include the files with the following file extensions:

.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr , .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby , .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, , .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.

The 'donald888@mail.fr' Ransomware delivers a ransom note in the form of a text file named 'FILES ENCRYPTED.txt,' which is dropped on the infected computer's desktop. This file contains the following message for the victim:

'All your files have been encrypted!
All your files have been encrypted due to a security problem with your PC. If you want to restore them, write us to the e-mail donald888@mail.fr
Writer this ID in the title of your message: [random characters]
You will have to pay for decryption in Bitcoins. The price depends on how fast you write to us. After payment, we will send you the decryption tool that will decrypt all your files.'

Dealing with the 'donald888@mail.fr' Ransomware Infection

Unfortunately, once the 'donald888@mail.fr' Ransomware compromises the files, they are no longer recoverable without a decryption application, which is held by the criminals responsible for the 'donald888@mail.fr' Ransomware attack. Because of this, computer users must take preemptive measures. The best precaution computer users can take to ensure that their data is safe from threats like the 'donald888@mail.fr' Ransomware is to have backup copies of their files and store it on a place where the threat can't reach. Having file backups ensures that the criminals do not have the leverage to demand a ransom payment. Since the criminals do not have any intention of helping recover data and paying these ransoms enables them to continue creating malware threats like the 'donald888@mail.fr' Ransomware, computer users are counseled to refrain from paying any ransom associated with the 'donald888@mail.fr' Ransomware or contacting the criminals directly.