Inferno Ransomware

Inferno Ransomware Description

Type: Ransomware

Infosec researchers discovered a new threatening malware named Inferno Ransomware. The threat is a variant based on the previously detected Avaddon Ransomware threat. It is equipped with a strong encryption process that locks numerous file types. Victims will lose access to both their personal and business-related documents, databases, archives, PDFs, etc. Each encrypted file will have '.avdn' appended to its name as a new extension. Finally, the threat will drop a ransom note on the infected system. The instructions from the hackers will be delivered as an HTML file named '210201-readme.html.'

Ransom Note's Details

The note displayed to the victims begins with an image of a painting by the French artist Gustave Doré. The painting depicts a scene from Dante Alighieri's Divine Comedy. The inclusion of the image offers little comfort to the victims of the threat who are trying to figure out how to restore their data. The Inferno Ransomware hackers then continue by stating that the affected users will have to buy a decryption tool named Inferno General Decryptor from them. To get the necessary details about making the ransom payment, victims are directed towards visiting the hacker group's website hosted on the TOR network. The ransom note concludes with a section containing several warnings such as not modifying the locked files followed by a quote from Voltaire.

The Inferno Ransomware instructions are:

'Gustave Doré, engraving illustrating Canto XVII of Divine Comedy, Inferno, by Dante Alighieri; caption: The Descent of the Abyss on Geryon's Back; in Dante Alighieri, The Divine Comedy: the Inferno, Purgatorio, and Paradiso, trans.: Lawrence Grant White," by is licensed with CC BY 2.0.

Your network has been infected by Inferno
All your documents, photos, databases and other important files have been encrypted and you are not able to decrypt it by yourself. But don't worry, we can help you to restore all your files!

The only way to restore your files is to buy our special software - Inferno General Decryptor. Only we can give you this software and only we can restore your files!

You can get more information on our page, which is located in a Tor hidden network.

How to get to our page
Download Tor browser - hxxps://
Install Tor browser
Open link in Tor browser - infernoyrxlapxaiq.onion
Follow the instructions on this page

Your ID:




"Now, now my good man, this is no time to be making enemies. (Voltaire on his deathbed in response to a priest asking him that he renounce Satan.)"


Technical Information

Screenshots & Other Imagery

SpyHunter Detects & Remove Inferno Ransomware

File System Details

Inferno Ransomware creates the following file(s):
# File Name MD5 Detection Count
1 file.exe e32ce42c1d936899e696a89900a02219 3

Related Posts

Site Disclaimer is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.