Galacti-Crypter Ransomware

Cybersecurity researchers are struggling to keep pace with all the new ransomware threats, which appear to be popping up every day. One of the most recent file-encrypting Trojans that has been spotted is the Galacti-Crypter Ransomware.

Propagation and Encryption

Experts have been unable to determine the infection vectors involved in the propagation of the Galacti-Crypter Ransomware. Some speculate that the attackers may be using mass spam email campaigns, bogus application updates, and fake pirated variants of popular software tools. As soon as the Galacti-Crypter Ransomware infiltrates a system, a scan will be performed. The scan is going to locate the files, which will be targeted for encryption. Usually, ransomware threats target a long list of file types, which are likely to be present on almost any regular PC, therefore ensuring maximum damage and increasing the chances of getting paid. Next, the Galacti-Crypter Ransomware will start locking all the files marked for encryption. Instead of adding a new extension at the end of the file name of a locked file, as most ransomware threats do, this data-locking Trojan will encode the file name itself without changing the extension.

The Ransom Note

The ransom note of the Galacti-Crypter Ransomware will be launched in a new window called ‘Galacti-Crypter 1.8.’ Most authors of data-encrypting Trojans give out contact details so that the victim can get in touch and potentially receive further instructions. However, the authors of the Galacti-Crypter Ransomware do not mention any contact information. They do, however, state that the ransom fee is $150, and it is required in the shape of Bitcoin. The attackers also mention that the user has only 72 hours to complete the transaction.

The good news is that there is a free, publicly available decryption tool that is compatible with the Galacti-Crypter Ransomware. Its name is ‘GalactiCrypter Decryptor,’ and if you utilize it, you will be able to recover all your encrypted data. However, it also is crucial to download and install a reputable anti-virus tool and use it to wipe off the Galacti-Crypter Ransomware from your system once and for all.