Godes Ransomware

Godes Ransomware Description

The Godes Ransomware is one of the numerous ransomware threats, which have been emerging recently. When cybersecurity researchers spotted it, they dissected the threat and found out that it belongs to the widely known STOP Ransomware family.

Infection and Encryption

Malware experts have been unable to determine what is the propagation method applied in the spreading of this file-locking Trojan. Some believe that the creators of the Godes Ransomware may be using bogus application updates, mass spam email campaigns, and corrupted pirated software to propagate their threat, as these are among the most common techniques of spreading malware. The newly infected machines will be scanned so that the Godes Ransomware can determine the locations of the files, which will be marked for encryption. When this phase is completed, the Godes Ransomware will go on to lock the targeted data. The files, which undergo the encryption process of the Godes Ransomware, will have their names altered. The Godes Ransomware adds a ‘.godes’ extension at the end of the filename. For example, if you had originally named a photo ‘thunderbolts.jpeg’ its name will be changed to ‘thunderbolts.jpeg.godes’ when the Godes Ransomware locks it.

The Ransom Note

Next, the Godes Ransomware drops a ransom note. It is likely that the authors of the Godes Ransomware have followed the naming pattern used the majority of the STOP Ransomware variants – ‘_readme.txt.’ Usually, the ransomware threats that belong to the STOP Ransomware family use the same email addresses – ‘gorentos@bitmessage.ch,’ ‘ferast@firemail.cc,’ ‘vengisto@firemail.cc,’ ‘vengisto@india.com,’ ‘stoneland@firemail.cc.’ They sometimes opt to give out a Telegram contact too - @datarestore.

Cybercriminals are shady individuals who will not hesitate to make empty promises as long as that helps them get their hands on your money. We advise you strongly to resist any urges to negotiate with cyber crooks. Usually, nothing good comes out of it. An effective approach is to download and install a reputable anti-virus software tool and wipe off the Godes Ransomware from your computer. Next, you can look into using a third-party data-recovery tool, which could potentially help you get back some of the lost files.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.


HTML is not allowed.