ENCODED Ransomware
The ENCODED Ransomware is another harmful malware threat that could cause devastating damage to victims' computers. The threatening tool encrypts all sorts of data and adds the '.ENCODED' extension to the end of the filenames. All impacted files will no longer be accessible. The ENCODED Ransomware also drops a text file named 'HOW TO DECRYPT FILES.txt' on the user's desktop, which contains instructions on how to pay a ransom to regain access to locked files. Additionally, ENCODED changes the desktop wallpaper to also display a ransom note.
ENCODED Ransomware's Demands
According to ENCODED's ransom-demanding message, the threat uses the RSA-1024 cryptographic algorithm for its decryption process. As a result, restoration of the locked files without having the proper decryption keys is considered practically impossible. The message found in the text file states that victims are expected to pay the sum of $120 to the threat actors if they want to recover their files. The threat also warns that after a certain period, the attackers will delete all impacted data with no further possibility for recovery.
Tips for Avoiding Threats like the ENCODED Ransomware
The devastating consequences of potential ransomware infections should serve as a sufficient incentive for both users and organizations to take appropriate measures to boost the security of their computers. Just a couple of basic precautions could be enough to negate the most damaging actions of such malware threats.
- Having a firewall in place not only helps prevent ill-minded actors from getting access to your system, but it also can alert you if there is any suspicious activity that may indicate a ransomware attack. Additionally, effective anti-malware software can detect known malware signatures, as well as identify any suspicious behaviors that could be indicative of an attempted breach.
- Software updates often contain security patches that help protect against known vulnerabilities and exploits used by hackers. So make sure that all of your software is kept up-to-date by setting installations to automatic download updates when available or manually patch them if needed.
- Backing up your data is another essential part of protecting yourself from ransomware attacks. By backing up your data, you can ensure that if your computer is infected with ransomware, you will still have access to your important files. Backing up your data also allows you to restore any lost or corrupted files quickly and easily. It is recommended to create multiple backups of your data in different locations, ranging from cloud storage services to physical drives.
The ransom note delivered as a text file is:
'Attention!!!
All your personal files (photo, documents, texts, databases, certificates, kwm-files, video) have been encrypted by a very strong cypher RSA-1024. The original files are deleted. You can check this by yourself - just look for files in all folders.
There is no possibility to decrypt these files without a special decrypt program! Nobody can help you - even don't try to find another method or tell anybody. Also after n days all encrypted files will be completely deleted and you will have no chance to get it back.
We can help to solve this task for 120$ via wire transfer (bank transfer SWIFT/IBAN). And remember: any harmful or bad words to our side will be a reason for ingoring your message and nothing will be done.
For details you have to send your request on this e-mail (attach to message a full serial key shown below in this 'how to..' file on desktop): datafinder@fastmail.fm'
Instructions shown via the desktop background image:
'ATTENTION!!!!!!
ALL YOUR PERSONAL FILES WERE ENCRYPTED WITH A STRONG ALGORYTHM RSA-1024 AND YOU CAN'T GET AN ACCESS TO THEM WITHOUT MAKING OF WHAT WE NEED!
READ 'HOW TO DECRYPT' TXT-FILE ON YOUR DESKTOP FOR DETAILS
JUST DO IT AS FAST AS YOU CAN!
REMEMBER: DON'T TRY TO TELL SOMEONE ABOUT THIS MESSAGE IF YOU WANT TO GET YOUR FILES BACK! JUST DO ALL WE TOLD.'
