'Legioner_seven@aol.com' Ransomware

The 'Legioner_seven@aol.com' Ransomware has been attacking various enterprise servers and individual users. The 'Legioner_seven@aol.com' Ransomware is part of a group of ransomware Trojans using very similar attack patterns all released recently. The 'Legioner_seven@aol.com' Ransomware and the other recently released infections are variants of the Crysis family, all having in common similar names and the use of aol.com contact email addresses. These are all, essentially, the same threat infection with different names.

If your computer has been infected with the 'Legioner_seven@aol.com' Ransomware, it may be impossible to recover your data. This is the main problem when dealing with ransomware Trojans like the 'Legioner_seven@aol.com' Ransomware; even if the 'Legioner_seven@aol.com' Ransomware infection is removed with a security program, the victim's files will remain corrupted by the 'Legioner_seven@aol.com' Ransomware attack. The 'Legioner_seven@aol.com' Ransomware's attack is simple to understand since it is identical to countless other ransomware Trojans. The following are the steps typically involved in these kinds of attacks:

1. The 'Legioner_seven@aol.com' Ransomware enters the victim's computer by using covert means. These covert means may include hacking into the victim's computer directly or hiding the 'Legioner_seven@aol.com' Ransomware in a corrupted email attachment.
2. The 'Legioner_seven@aol.com' Ransomware scans the victim's hard drive for certain types of files (generally all files that are not essential for Windows to operate) and encrypts them using an advanced encryption algorithm, which makes them inaccessible.
3. The 'Legioner_seven@aol.com' Ransomware then demands the payment of a large ransom. PC security analysts strongly advise computer users to avoid paying the 'Legioner_seven@aol.com' Ransomware's ransom, since this enables con artists to continue to develop the 'Legioner_seven@aol.com' Ransomware and its variants and carry out these kinds of attacks.

The 'Legioner_seven@aol.com' Ransomware will alert the victim of the attack by dropping text and HTML files on the victim's computer (in the directories where there are encrypted files). The 'Legioner_seven@aol.com' Ransomware also will change the victim's Desktop wallpaper image.

The 'Legioner_seven@aol.com' Ransomware can Encrypt a Huge Amount of Files

The following is a list of files that the 'Legioner_seven@aol.com' Ransomware will target and encrypt during its attack:

.odc, .odm, .odp, .ods, .odt, .docm, .docx, .doc, .odb, .mp4, sql, .7z, .m4a, .rar, .wma, .gdb, .tax, .pkpass, .bc6, .bc7, .avi, .wmv, .csv, .d3dbsp, .zip, .sie, .sum, .ibank, .t13, .t12, .qdf, .bkp, .qic, .bkf, .sidn, .sidd, .mddata, .itl, .itdb, .icxs, .hvpl, .hplg, .hkdb, .mdbackup, .syncdb, .gho, .cas, .svg, .map, .wmo, .itm, .sb, .fos, .mov, .vdf, .ztmp, .sis, .sid, .ncf, .menu, .layout, .dmp, .blob, .esm, .vcf, .vtf, .dazip, .fpk, .mlx, .kf, .iwd, .vpk, .tor, .psk, .rim, .w3x, .fsh, .ntl, .arch00, .lvl, .snx, .cfr, .ff, .vpp_pc, .lrf, .m2, .mcmeta, .vfs0, .mpqge, .kdb, .db0, .dba, .rofl, .hkx, .bar, .upk, .das, .iwi, .litemod, .asset, .forge, .ltx, .bsa, .apk, .re4, .sav, .lbf, .slm, .bik, .epk, .rgss3a, .pak, .big, wallet, .wotreplay, .xxx, .desc, .py, .m3u, .flv, .js, .css, .rb, .png, .jpeg, .txt, .p7c, .p7b, .p12, .pfx, .pem, .crt, .cer, .der, .x3f, .srw, .pef, .ptx, .r3d, .rw2, .rwl, .raw, .raf, .orf, .nrw, .mrwref, .mef, .erf, .kdc, .dcr, .cr2, .crw, .bay, .sr2, .srf, .arw, .3fr, .dng, .jpe, .jpg, .cdr, .indd, .ai, .eps, .pdf, .pdd, .psd, .dbf, .mdf, .wb2, .rtf, .wpd, .dxg, .xf, .dwg, .pst, .accdb, .mdb, .pptm, .pptx, .ppt, .xlk, .xlsb, .xlsm, .xlsx, .xls, .wps.

To alert the victim, the 'Legioner_seven@aol.com' Ransomware will display a ransom note. The following is a ransom note that has been associated with threats, which like the 'Legioner_seven@aol.com' Ransomware, were created based on the Crysis ransomware engine:

'Attention! Your computer was attacked by virus-encoder.
All your files are encrypted cryptographically strong, without the original key recover is impossible! To get the decoder and the original key, you need to to write us at the email: the 'Legioner_seven@aol.com' Ransomware with subject "encryption" stating your id.
Write in the case, do not waste your and our time on empty threats.
Responses to letters only appropriate people are not adequate ignore.
P.S. only in case you do not receive a response from the first email address within 48 hours please use this alternative email goldman0@india.com.'

PC security analysts strongly advise that computer users avoid paying the 'Legioner_seven@aol.com' Ransomware ransom. The people responsible for the 'Legioner_seven@aol.com' Ransomware may ignore the request or even ask for more money. Unfortunately, a decryption utility for the 'Legioner_seven@aol.com' Ransomware is unavailable currently.