ESCAL Ransomware

Data-lockers, like the ESCAL Ransomware, are very nasty threats that compromise one's system and encrypt all data. Ransomware threats aim to extort their victims for money while promising to reverse the damage done to the data once a fee is paid.

Propagation and Encryption

Once the ESCAL Ransomware infiltrates your PC, it will locate your files and begin the encryption process. This file-locker is likely to target images, documents, spreadsheets, audio files, presentations, databases, videos, archives and a wide variety of other filetypes. When the ESCAL Ransomware encrypts a targeted data, it will add a '.ESCAL-<VICTIM ID>' extension at the end of the filename. For example, a file you had called 'white-flower.mp4' originally will be renamed to 'white-flower.mp4.ESCAL-<VICTIM ID>.' Each affected user will have a unique victim ID generated for them. This helps the creators of the ESCAL Ransomware differentiate between the different users. Threats like the ESCAL Ransomware often are propagated via phishing emails, which would either contain a corrupted link or a macro-laced file. Other popular distribution techniques would include torrent trackers, fake social media campaigns, bogus software updates and downloads, and malvertising operations.

The Ransom Note

In the next phase of the attack, the ESCAL Ransomware drops a ransom note called '!!_FILES_ENCRYPTED_.txt.' This file contains the ransom message of the ESCAL Ransomware's authors. In the ransom note, the attackers warn the users against shutting down their PCs, moving or renaming files, and deleting files, which may result in data loss. The criminals demand to be contacted via email – ‘imperial1755@protonmail.com' and ‘imperial@mailfence.com.' To prove to the victims that they have a working decryption tool, the attackers offer to decrypt two files for free, as long as they do not contain any vital information.

To ensure the safety of your data and your PC, installing a modern, trustworthy anti-virus software suite is advisable. The security tool will help you remove the ESCAL Ransomware from your computer. There is no point in cooperating with cybercriminals as they are unlikely to provide you with a decryptor even if you pay the sum demanded.