Hbdalna Ransomware Description
The Hbdalna Ransomware is determined to be part of the Snatch family of ransomware threats. Sharing a large part of its underlying code with the rest of the Snatch variants doesn't diminish its ability to cause damage. If the Hbdalna Ransomware manages to sneak onto the targeted compute successfully, it begins to encrypt all of the most popular filetypes rendering them inaccessible and unusable. Every encrypted file will have '.hbdalna' appended to the original name as a new extension. A text file named 'HOW TO RESTORE YOUR FILES.TXT' containing a ransom note with instructions from the cybercriminals will be dropped in every folder with locked files.
Users affected by the Hbdalna Ransomware are told to contact the hackers by sending an email to either one of the two provided email addresses - email@example.com or RemotePChelper@protonmail.com. The note doesn't mention a specific sum that has to be paid in exchange for the decryption key or tool. Although the Hbdalna Ransomware doesn't state it outright, most ransomware threats demand the payment be sent in one of the various cryptocurrencies, with Bitcoin being the most widespread choice. Up to three encrypted files can be attached to the email to the hackers to be decrypted for free, but the files must not be backups, databases or Excel spreadsheets.
Unfortunately, there is little that users affected by the Hbdalna Ransomware can do. The best-case scenario is when they have access to a backup that was created before the ransomware infection got into the computer. However, before restoring the files, it is paramount to deploy a professional anti-malware program to remove all traces of the Hbdalna Ransomware to prevent any further encryption of data.
The full note left by the Hbdalna Ransomware reads:
All your files are encrypted and only I can decrypt them.
My mail is
firstname.lastname@example.org or RemotePChelper@protonmail.com
Write me if you want to return your files - I can do it very quickly!
Do not rename the encrypted files, because of this you can lose them forever!!!!!
To prove that we are not scammers and really can decrypt your files,
you can send three files for test decryption !!! (except databases, Excel and backups)
PLEASE DO NOT CREATE A NEW LETTER! RESPOND TO THE
LETTER TO THIS LETTER.
This will allow us to see all the history of the census in
one place and respond quickly to you.
!!! Do not turn off or restart the NAS equipment. This will result in data loss!!!'