guardbtc@cock.li Ransomware
The guardbtc@cock.li Ransomware is an encryption ransomware Trojan that was first observed on February 26, 2018. The guardbtc@cock.li Ransomware is a variant of the Crysis Ransomware Trojan, first released on March 2016. The guardbtc@cock.li Ransomware may be distributed through the use of corrupted email attachments. Victims will get an email that appears to come from a legitimate source, such as Instagram or Amazon. The email will typically include a DOCX or PDF file attachment that uses embedded macro scripts that download and install the guardbtc@cock.li Ransomware onto the victim's computer. Because of this, you should learn how to handle spam emails and unsolicited email attachments safely as a way to prevent these attacks.
Table of Contents
How the guardbtc@cock.li Ransomware Trojan Attacks a Computer
Once the guardbtc@cock.li Ransomware is installed, it will scan the victim's drives in search for certain file types. The guardbtc@cock.li Ransomware will erase file recovery points and encrypt the victim's files with an AES 256 encryption algorithm. This makes the files encrypted by the guardbtc@cock.li Ransomware attack unrecoverable. The guardbtc@cock.li Ransomware will target a wide variety of the user-generated files in its attack, which include images, media, and numerous other file types such as databases and several document types. The following are some of the file types that are targeted in attacks like the guardbtc@cock.li Ransomware:
.3dm, .3g2, .3gp, .7zip, .aaf, .accdb, .aep, .aepx, .aet, .ai, .aif, .as, .as3, .asf, .asp, .asx, .avi, .bmp, .c, .class, .cpp, .cs, .csv, .dat, .db, .dbf, .doc, .docb, .docm, .docx, .dot, .dotm, .dotx, .dwg, .dxf, .efx, .eps, .fla, .flv, .gif, .h, .idml, .iff, .indb, .indd, .indl, .indt, .inx, .jar, .java, .jpeg, .jpg, .js, .m3u, .m3u8, .m4u, .max, .mdb, .mid, .mkv, .mov, .mp3, .mp4, .mpa, .mpeg, .mpg, .msg, .pdb, .pdf, .php, .plb, .pmd, .png, .pot, .potm, .potx, .ppam, .ppj, .pps, .ppsm, .ppsx, .ppt, .pptm, .pptx, .prel, .prproj, .ps, .psd, .py, .ra, .rar, .raw, .rb, .rtf, .sdf, .sdf, .ses, .sldm, .sldx, .sql, .svg, .swf, .tif, .txt, .vcf, .vob, .wav, .wma, .wmv, .wpd, .wps, .xla, .xlam, .xll, .xlm, .xls, .xlsb, .xlsm, .xlsx, .xlt, .xltm, .xltx, .xlw, .xml, .xqx, .xqx, .zip.
Once the guardbtc@cock.li Ransomware encrypts a file, it will add the file extension 'id-[random chars].[GuardBTC@cock.li]' to the end of the file's name, making it simple to know which files have been compromised by the guardbtc@cock.li Ransomware attack.
The guardbtc@cock.li Ransom Note and Demand
The guardbtc@cock.li Ransomware will demand a ransom payment from the victim. To do this, the guardbtc@cock.li Ransomware will deliver a text file to the victim's computer. This file, named 'ReadMe.txt' is dropped onto the infected computer's desktop. The guardbtc@cock.li Ransomware ransom note demands that the victim pays a ransom using Bitcoin to a specific Bitcoin wallet. Victims are instructed to communicate with the con artists at the email address that has been associated with the guardbtc@cock.li Ransomware attack. PC security experts advise computer users to refrain from paying the guardbtc@cock.li Ransomware ransom or contacting the people responsible for the guardbtc@cock.li Ransomware attack. It is very unlikely that these people will keep their promise of helping victims recover their files, and they are just as likely to ignore the victim's payment or ask for more money.
Protecting Your Data from Attacks Like the guardbtc@cock.li Ransomware
Preventive measures are a sure way to ensure that your data is safe from attacks like the guardbtc@cock.li Ransomware. The best protection against these attacks is to have file backups. Having backup copies of your files ensures that your data can be recovered easily in the event of an attack, and it will remove any leverage that allows the extortionists to demand ransom payments. Since the guardbtc@cock.li Ransomware may be delivered using spam email messages, learning how to handle this content kind safely is also essential in protecting your data from the guardbtc@cock.li Ransomware and other ransomware Trojans.
