IGAMI Ransomware Description
The IGAMI Ransomware is a data-locking Trojan that was spotted by researchers recently. It appears that this ransomware threat belongs to the infamous Globe Imposter Ransomware family that has been gaining traction recently.
It is not yet confirmed how the IGAMI Ransomware is being propagated, but it is highly likely that the usual methods may be involved – faux software updates, infected pirated software and spam email campaigns. Once it has landed on your PC, the IGAMI Ransomware starts a scan whose goal is to locate the files that the IGAMI Ransomware is programmed to target. Then, the IGAMI Ransomware begins the encryption process and locks the data. After a file has been encrypted, you may notice that the IGAMI Ransomware has changed its name. The IGAMI Ransomware adds the '.IGAMI' extension to the newly locked files so that, for example, a file with the name 'hand-cream.png' would be renamed to 'hand-cream.png.IGAMI' when this ransomware threat finishes encrypting it.
In the next step of the attack, the IGAMI Ransomware will drop a ransom note. The note is named 'how_to_back_files.html' and, unlike most ransomware notes, is pretty extensive and informative. It starts with an all caps message stating 'YOUR FILES ARE ENCRYPTED' accompanied by two skulls on each side of the sentence. The authors of ransomware are known to use social engineering tactics to scare and pressure their victims into complying with their demands. The creators of the IGAMI Ransomware offer the user to send them one text file or image, which they would decrypt free of charge so that they can prove that they have a decryption tool. The file must be sent to either firstname.lastname@example.org or email@example.com. The victims are then instructed to add their uniquely generated ID in the email they are meant to send. The attackers state that only after the user has gotten in touch with them, they will say what the ransom fee will be. As authors of ransomware threats usually do, the attackers warn that any attempts of recovering the data via third-party software will result in all the permanent loss of the files.
It is never smart to contact cybercriminals. We would advise you not to pay these people because there is no guarantee that they will send you a decryption tool in exchange for your money. A safer approach is to remove the IGAMI Ransomware from your system using a reputable anti-spyware suite.
Do You Suspect Your PC May Be Infected with IGAMI Ransomware & Other Threats? Scan Your PC with SpyHunterSpyHunter is a powerful malware remediation and protection tool designed to help provide PC users with in-depth system security analysis, detection and removal of a wide range of threats like IGAMI Ransomware as well as a one-on-one tech support service. Download SpyHunter's FREE Malware Remover
Security Doesn't Let You Download SpyHunter or Access the Internet?Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
- Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
- Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
- Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
- IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.