'.google File Extension' Ransomware

Many cyber crooks have been experimenting and trying to develop successful malware using Google's Go programming language. One of the newest examples of this is the '.google File Extension' Ransomware. This file-locker also is known as the GoGoogle Ransomware and the BossiTossi Ransomware. Just like most Go-based malware, the '.google File Extension' Ransomware is not very successful. This data-encrypting Trojan is decryptable for free that eliminates the need to contact the cyber crooks who created it entirely.

Propagation and Encryption

As soon as the '.google File Extension' Ransomware infects your computer, it will modify the Windows settings to eliminate the System Restore service, as well as wipe out the Shadow Volume Copies. File-lockers often take this approach to make data-recovery very difficult. The '.google File Extension' Ransomware targets a long list of filetypes to encrypt most of the files that are present on the infected computer. This would likely result in your documents, spreadsheets, presentations, images, videos, audio files, archives, databases and other files undergoing encryption. The names of the encrypted files will be changed because the '.google File Extension' Ransomware adds an '_ID_<VICTIM ID>_Bossi_tosi@protonmail.com.google' extension to them. For example, a file named 'marble-gods.jpeg' will be renamed to 'marble-gods.jpeg_ID_<VICTIM ID>_Bossi_tosi@protonmail.com.google.' It is likely that the '.google File Extension' Ransomware is being spread via phishing emails, corrupted advertisements online, torrent trackers, fake social media pages, bogus application updates, etc.

The Ransom Note

Next, the '.google File Extension' Ransomware will drop a file on the user's desktop. The text file in question contains the attacker's message. The file's name is 'FileRecovery.txt,' and it contains a brief message from the authors of the '.google File Extension' Ransomware. The attackers state that the user should contact them via email – ‘Bossi_tosi@protonmail.com,' ‘back_me@foxmail.com,' ‘doss_help@qq.com,' ‘dinanit@protonmail.com' or ‘mijisches@protonmail.com.' The creators of the '.google File Extension' Ransomware offer to unlock two files free of charge.

As we have mentioned already, there is no point in cooperating with the cybercriminals who have created the '.google File Extension' Ransomware – this file-locker is decryptable for free with the aid of the 'GoGoogle Decryption Tool.' However, remember first to remove the '.google File Extension' Ransomware from your computer with the help of a reputable, modern anti-virus software suite.