'.like File Extension' Ransomware

The '.like File Extension' Ransomware is an encryption ransomware Trojan. The '.like File Extension' Ransomware was first observed on July 25, 2018. The '.like File Extension' Ransomware functions by encrypting victim's files to take them hostage, like most encryption ransomware Trojans. The '.like File Extension' Ransomware, following the attack's pattern of other ransomware threats, identifies the damaged files with the file extension '.like,' added to each file's name. The '.like File Extension' Ransomware delivers a ransom note demanding a ransom payment in exchange for a decryption key, which it promises to deliver upon payment. The '.like File Extension' Ransomware is typically delivered to the victims through the use of corrupted email attachments.

Some Particularities of the '.like File Extension' Ransomware Attack

The '.like File Extension' Ransomware will work in the background to make the victim's files inaccessible. The '.like File Extension' Ransomware will target the user-generated files and use the AES encryption on them. These files may include a variety of media files and documents, which include:

.ebd, .jbc, .pst, .ost, .tib, .tbk, .bak, .bac, .abk, .as4, .asd, .ashbak, .backup, .bck, .bdb, .bk1, .bkc, .bkf, .bkp, .boe, .bpa, .bpd, .bup, .cmb, .fbf, .fbw, .fh, .ful, .gho, .ipd, .nb7, .nba, .nbd, .nbf, .nbi, .nbu, .nco, .oeb, .old, .qic, .sn1, .sn2, .sna, .spi, .stg, .uci, .win, .xbk, .iso, .htm, .html, .mht, .p7, .p7c, .pem, .sgn, .sec, .cer, .csr, .djvu, .der, .stl, .crt, .p7b, .pfx, .fb, .fb2, .tif, .tiff, .pdf, .doc, .docx, .docm, .rtf, .xls, .xlsx, .xlsm, .ppt, .pptx, .ppsx, .txt, .cdr, .jpe, .jpg, .jpeg, .png, .bmp, .jiff, .jpf, .ply, .pov, .raw, .cf, .cfn, .tbn, .xcf, .xof, .key, .eml, .tbb, .dwf, .egg, .fc2, .fcz, .fg, .fp3, .pab, .oab, .psd, .psb, .pcx, .dwg, .dws, .dxe, .zip, .zipx, .7z, .rar, .rev, .afp, .bfa, .bpk, .bsk, .enc, .rzk, .rzx, .sef, .shy, .snk, .accdb, .ldf, .accdc, .adp, .dbc, .dbx, .dbf, .dbt, .dxl, .edb, .eql, .mdb, .mxl, .mdf, .sql, .sqlite, .sqlite3, .sqlitedb, .kdb, .kdbx, .1cd, .dt, .erf, .lgp, .md, .epf, .efb, .eis, .efn, .emd, .emr, .end, .eog, .erb, .ebn, .ebb, .prefab, .jif, .wor, .csv, .msg, .msf, .kwm, .pwm, .ai, .eps, .abd, .repx, .oxps, .dot.

The '.like File Extension' Ransomware delivers a ransom note in the form of a text file named 'infoinfo.txt,' which is dropped on the infected computer's desktop. This ransom note demands that the victims contact the criminals through the email address 'BM-2cWrd12TuEzGmnPMHBMwmB32w45fZ5rZS3@bitmessage.ch.' The '.like File Extension' Ransomware ransom note reads as follows:

'Your data set are encrypted.
All files with .like extension are encrypted.
We can help decrypted files.
You will get decrypt soft + personal key(for your personal id) + manual.
For you to be sure, that we can decrypt your files
You can send us 1-2 encrypted files and we will send back it in a decrypt format FREE.
For download files use only dropmefiles.com not more then 10 Mb
Send us an email:
1.Personal ID
2.link dropmefiles.com
after wait decrypted files and further instructions.
You can send a message within 72 hours after encrypting, else full decrypt will be heavily.
Please use public email for contact: gmail etc.
For recover your files - contact us email:
BM-2cWrd12TuEzGmnPMHBMwmB32w45fZ5rZS3@bitmessage.ch
Your personal ID:
[redacted 36 alphanumeric]'

Protecting Yourself from Threats Like the '.like File Extension' Ransomware

The best way to protect your data from threats like the '.like File Extension' Ransomware is to have file backups. Paying the '.like File Extension' Ransomware ransom only allows criminals to continue creating and distributing threats like the '.like File Extension' Ransomware and does not guarantee that the criminals will help you restore the compromised files. Apart from file backups, you should keep a security program running non-stop, to prevent the '.like File Extension' Ransomware from being installed or to delete this threat after an attack.