Threat Database Ransomware Enc1 Ransomware

Enc1 Ransomware

By GoldSparrow in Ransomware

The Enc1 Ransomware is an encryption ransomware Trojan that was first observed on January 23, 2019. The Enc1 Ransomware is designed to take over the victim's data, encrypting it to extract a ransom from the victim. It is mandatory to take precautions against threats like the Enc1 Ransomware to prevent your data from becoming compromised.

How the Enc1 Ransomware Attack Works

Threats like the Enc1 Ransomware use strong encryption methods to make the victim's files inaccessible. The Enc1 Ransomware marks each file it encrypts by adding the string '_enc1' to each compromised file's name. After encrypting the victim's files, the Enc1 Ransomware also will terminate various processes on the victim's computer and delete the Shadow Volume Copies of each affected file. The Enc1 Ransomware targets the user-generated files, which may include files with the following file extensions:

.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr , .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby , .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, , .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.

The Enc1 Ransomware delivers a ransom notification once the victim's files have been taken hostage and made inaccessible. The Enc1 Ransomware's ransom note is contained in a text file named 'decrypt_.txt,' which contains the following ransom message:

'Ooops. your important files are encrypted.
If you see this text, then your files are no longer accessible,
because they have been encrypted.Perhaps you are busy looking for a way to recover your
files, but don't waste your time. Nobody can recover your files without our decryption service.
We guarantee that you can recover all your files safely and easily.All you
need to do is submit the payment and purchase the decryption key.
Do not try to recover your files on your own or with someone else,
because after the intervention you can remain without your data forever.
Please follow the instructions :
1.Contact us at e-mail:
or bitmessage: BM-2cVs4XGzzFtA7wiM6TPDnohTKh47vvCS1k
2.Get your KEY and IV
3.Have a Nice Day
Key: [random characters]
IV: [random characters]'

Following the instructions in the Enc1 Ransomware ransom note or contacting the criminals responsible for the Enc1 Ransomware attack is not a safe action. They will typically not help the victims recover and contacting them will generally just expose the computer users to additional tactics.

Protecting Your Data from Threats Like the Enc1 Ransomware

Because threats like the Enc1 Ransomware use strong encryption methods that are impossible to crack currently, it is not recommended to contact the criminals. The best protection is to have file backups and storing these on the cloud or an external memory device. This allows the victims of the Enc1 Ransomware attack to quickly recover their data by replacing it from the backup copy after an attack. A reliable security program that is fully up to date should also be used to prevent threats like the Enc1 Ransomware from carrying out their attack in the first place.


Most Viewed