'Epta.mcold@gmail.com' Ransomware

By GoldSparrow in Ransomware

A new ransomware threat was uncovered by cybersecurity experts, who gave it the name 'Epta.mcold@gmail.com' Ransomware. At first, malware researchers thought that the 'Epta.mcold@gmail.com' Ransomware was part of the GlobeImposter Ransomware family, but further study showed that this piece of malware is a variant of the Maoloa Ransomware.

Even though it is not entirely clear how the 'Epta.mcold@gmail.com' Ransomware is being propagated, it is widely believed that the authors may have employed the usual methods of spreading ransomware threats: infected pirated media, fraudulent updates and spam email campaigns. If the 'Epta.mcold@gmail.com' Ransomware gets access to your computer, it will scan your data for the file types it targets. Cybercriminals normally make sure that their file-locking Trojans are able to encrypt a vast number of file types, including the most commonly found ones like .mp3, .mov, .doc, .png, .jpeg, .gif, .mp4, .ppt, etc. When these files are located, the 'Epta.mcold@gmail.com' Ransomware starts encrypting them. When a file is encrypted, it receives an additional extension at the end of its name. In the case of the 'Epta.mcold@gmail.com' Ransomware, the extension added is '.epta.mcold@gmail.com,' which means that a file previously named 'chocolate.png' will be renamed to 'chocolate.png.epta.mcold@gmail.com' once the encryption process is complete.

Next, this file-locking Trojan will drop its ransom note, named '!INSTRUCTIONS!.TXT.' Usually, ransomware creators write the names of their ransom notes in all capital letters to minimize the chances of the victim not noticing them. In their ransom note, the authors of the 'Epta.mcold@gmail.com' Ransomware warn users against renaming the files that have been encrypted. They also go on to say that the victim should not attempt to decrypt their data using third-party software because it can result in them losing their data permanently. It is not clear if there is any merit to these words, or if they are simply used as a scare tactic. The attackers offer to decrypt two files for free to prove that they are able to decrypt the data they have locked. The only requirements are that the files do not exceed 1MB in size and do not contain any valuable information. Then, they give out three email addresses where they can be contacted: epta.mcold@gmail.com, epta.mcold@yahoo.com and epta.mcold@aol.com.
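The appended extension and the ransom note name described above are enough to scope the damage on a disk or share. The following triage script is an added example, not part of the original write-up: it only reads file names, and its case-insensitive matching, function names and sample tree are assumptions constructed for illustration.

```python
import os
import tempfile
from collections import Counter

# Indicators as given in the article; case-insensitive matching is an assumption.
ENCRYPTED_SUFFIX = ".epta.mcold@gmail.com"
RANSOM_NOTE = "!INSTRUCTIONS!.TXT"


def triage(root):
    """Read-only walk of root: list files with the appended extension and ransom notes."""
    encrypted, notes, untouched = [], [], 0
    types = Counter()  # original extensions of affected files
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            lower = name.lower()
            if lower == RANSOM_NOTE.lower():
                notes.append(path)
            elif lower.endswith(ENCRYPTED_SUFFIX) and len(name) > len(ENCRYPTED_SUFFIX):
                # Strip the appended extension to recover the pre-encryption name.
                original = name[: -len(ENCRYPTED_SUFFIX)]
                ext = os.path.splitext(original)[1].lower() or "(none)"
                types[ext] += 1
                encrypted.append((path, original))
            else:
                untouched += 1
    return {"encrypted": encrypted, "notes": notes, "untouched": untouched, "types": dict(types)}


def build_sample_tree(root):
    """Constructed sample data: empty files whose names mimic an affected folder."""
    names = [
        "docs/chocolate.png.epta.mcold@gmail.com",
        "docs/report.doc.EPTA.MCOLD@GMAIL.COM",  # constructed case variant
        "docs/!INSTRUCTIONS!.TXT",
        "music/song.mp3.epta.mcold@gmail.com",
        "music/untouched.txt",
    ]
    for rel in names:
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        open(path, "w").close()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        report = triage(tmp)
        print(len(report["encrypted"]), "encrypted;", len(report["notes"]), "note(s)")
```

The per-extension counts in `types` show which kinds of data were hit, and the recovered original names can be matched against backup catalogues.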

We advise you against contacting these individuals. Cybercriminals like the ones responsible for the 'Epta.mcold@gmail.com' Ransomware are not to be trusted. They will take your money gladly and leave you empty-handed. A better option is to make sure you obtain a reputable cybersecurity suite and trust it with wiping the 'Epta.mcold@gmail.com' Ransomware off your machine.
