Threat Database Ransomware Eternity Ransomware

Eternity Ransomware

By GoldSparrow in Ransomware

The Eternity Ransomware is an encryption ransomware The Eternity Ransomware, like most of these threats, is used to encrypt the victim's files, taking them hostage. The Eternity Ransomware demands the payment of a ransom in exchange for the decryption key needed to restore access to the infected files, once the victim's files have been made inaccessible. Encryption ransomware Trojans like the Eternity Ransomware are relatively common, and it is why it is important for computer users to have file backups to ensure that their data can be recovered after an Eternity Ransomware infection.

The Ransomware that can Send Your Files to the Eternity

The Eternity Ransomware uses a combination of the AES and RSA encryptions to make the victim's files inaccessible, and then, demands a ransom paid in Bitcoins in exchange for the decryption key. The file description reads as follows:

eTeRnItY-RaNsOmWaRe. Falsch-copyright: Microsoft 2017. Developer: Sameera-Madushan-Perera (Sri Lanka)

The Eternity Ransomware's code is related to the Stupid/FTSCoder, a previous ransomware Trojan that has spawned various variants. The files compromised by the attack will be marked with the file extension 'EteRnItY', added to the end of each affected file's name. Ransomware Trojans like the Eternity Ransomware tend to look for the user-generated files while avoiding the Windows system files or other files that would prevent Windows from displaying a ransom note and the victim from paying the ransom (which would defeat the purpose of the Eternity Ransomware infection). The file types that may be targeted in attacks like the Eternity Ransomware include:

.3dm, .3g2, .3gp, .7zip, .aaf, .accdb, .aep, .aepx, .aet, .ai, .aif, .as, .as3, .asf, .asp, .asx, .avi, .bmp, .c, .class, .cpp, .cs, .csv, .dat, .db, .dbf, .doc, .docb, .docm, .docx, .dot, .dotm, .dotx, .dwg, .dxf, .efx, .eps, .fla, .flv, .gif, .h, .idml, .iff, .indb, .indd, .indl, .indt, .inx, .jar, .java, .jpeg, .jpg, .js, .m3u, .m3u8, .m4u, .max, .mdb, .mid, .mkv, .mov, .mp3, .mp4, .mpa, .mpeg, .mpg, .msg, .pdb, .pdf, .php, .plb, .pmd, .png, .pot, .potm, .potx, .ppam, .ppj, .pps, .ppsm, .ppsx, .ppt, .pptm, .pptx, .prel, .prproj, .ps, .psd, .py, .ra, .rar, .raw, .rb, .rtf, .sdf, .sdf, .ses, .sldm, .sldx, .sql, .svg, .swf, .tif, .txt, .vcf, .vob, .wav, .wma, .wmv, .wpd, .wps, .xla, .xlam, .xll, .xlm, .xls, .xlsb, .xlsm, .xlsx, .xlt, .xltm, .xltx, .xlw, .xml, .xqx, .xqx, .zip.

The Eternity Ransomware's Ransom Demand

The Eternity Ransomware has been around since early December 2017. The Eternity Ransomware attacks target English speakers, although there are no geographical restrictions on where the Eternity Ransomware attacks can take place. The Eternity Ransomware delivers the following ransom note to the victim after the files have been encrypted:

'AlL YOUR FILES HAVE the BEEN ENCRYPTED bY the Eternity Ransomware
yOu aRe UndeR CONTROL oF the Eternity Ransomware
AlL YOUR VideoS, PhotoS, DATABASES aNd Important FILES
If yOu nEeD ThE DeCrYpTiOn kEy tO DeCrYpT YoUr fIlEs
pAy $ 1000 tO ThE FoLlOwInG BiTcOiN AdDrEsS.
BTC Address - 3a6dd5ad74e5sdsd25as656w4
Contact Us For More Details
Enter Your Decryption Key Here and Click on the Skull to Decrypt Your Files ...'

Do not follow the instructions in the Eternity Ransomware ransom note. There is no guarantee that the people responsible for the Eternity Ransomware attack will respond to the payment by delivering the decryption key or helping computer users recover. They are just as likely to ignore the payment or attempt to infect the victim again, especially since the victims will have shown that they are willing to pay a ransom.

Protecting Your Data from the Eternity Ransomware

The best protection from threats like the Eternity Ransomware is to ensure that you have file backups on the cloud or a safe and trusted place. Having file backups means that computer users can restore their files easily with the help of a reliable security program to remove the Eternity Ransomware infection itself.

SpyHunter Detects & Remove Eternity Ransomware

File System Details

Eternity Ransomware may create the following file(s):
# File Name MD5 Detections
1. Eternity Ransomware.exe a813a7d9f0348c18c08a8830145360a4 0


Most Viewed