'evolution@rape.lol' Ransomware

The 'evolution@rape.lol' Ransomware is an encryption ransomware Trojan. The 'evolution@rape.lol' Ransomware is designed to make the victim's files inaccessible and then demand a ransom payment from the victim in exchange for returning access to the compromised data. Typically, the 'evolution@rape.lol' Ransomware is delivered to the victim via spam emails in the form of a file attachment that downloads and installs this threat onto the victim's computer. The 'evolution@rape.lol' Ransomware poses a real threat to the victims' data, and computer users are advised to take precautions to ensure that their data is protected from the 'evolution@rape.lol' Ransomware and similar threats.

How the 'evolution@rape.lol' Ransomware Attacks a Computer

Generally, the 'evolution@rape.lol' Ransomware will be delivered to the victim's computer in the form of a malicious Microsoft Word file initially, which includes embedded macro scripts that download and install the 'evolution@rape.lol' Ransomware onto the victim's computer. Once the 'evolution@rape.lol' Ransomware is installed, it scans the victim's computer for the user-generated files and uses an advanced encryption algorithm to make these files inaccessible. The 'evolution@rape.lol' Ransomware will target certain files in these attacks, which includes:

.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr , .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby , .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, , .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.

The 'evolution@rape.lol' Ransomware will mark the files encrypted by the attack by adding the file extension '.evolution' to each file that was encrypted by its attack. The 'evolution@rape.lol' Ransomware delivers a ransom note in the form of a text file named '!#_Read_me_for_revocery_#!.txt' on the victim's desktop. The 'evolution@rape.lol' Ransomware ransom message contains the following text:

'Hello ! All your data have been encrypted !
Don't worry , we can help you to return all your data.
Write to our email - evolution@rape.lol
In the subject write - id-[8 random characters] .
If within 24 hours we didn't answer you , write to our backup email – backupevolution@tuta.io.'

The 'evolution@rape.lol' Ransomware's message and other characteristics it possesses make it seems like the 'evolution@rape.lol' Ransomware is related to the Rapid 2.0 family of ransomware, of which there are many variants currently.

Protecting Your Data from the 'evolution@rape.lol' Ransomware

The best protection against threats like the 'evolution@rape.lol' Ransomware is having file backups and storing these in an inaccessible location, such as the cloud or an external memory device. Because of this, PC security researchers strongly advise that computer users take preemptive steps, especially because security software cannot decrypt the files encrypted by the 'evolution@rape.lol' Ransomware attack. However, these threats can be stopped by a reliable security program before they carry out their attack and compromise the victim's files so that it is crucial also to have one installed and fully updated.