MadBit Ransomware

The MadBit Ransomware is an encryption ransomware Trojan that PC security researchers reported on December 29, 2017. The MadBit Ransomware does not seem to belong to a larger family of ransomware, but rather was developed independently and includes some portions of an open source ransomware code. The MadBit Ransomware, like many similar threats, is delivered to victims through the use of corrupted document attachments contained in spam email messages. These documents will take the form of Microsoft Word documents with embedded macro scripts that download and install the MadBit Ransomware when the document is opened. PC security analysts strongly advise computer users to be cautious when handling unsolicited email messages and attachments.

How the MadBit Ransomware Attacks a Computer

The MadBit Ransomware uses a strong encryption method to make the victim's files inaccessible. The MadBit Ransomware takes the victim's files hostage since the affected files will be made inaccessible permanently once they have been encrypted, and will only be accessible with the decryption key, which the cybercrooks hold in their possession. The MadBit Ransomware will mark the encrypted files by adding the file extension '.enc' to the end of each affected file's name. The MadBit Ransomware targets the user-generated files, such as music, videos and documents. The following are some of the file types that may be encrypted by these attacks:

.3dm, .3g2, .3gp, .7zip, .aaf, .accdb, .aep, .aepx, .aet, .ai, .aif, .as, .as3, .asf, .asp, .asx, .avi, .bmp, .c, .class, .cpp, .cs, .csv, .dat, .db, .dbf, .doc, .docb, .docm, .docx, .dot, .dotm, .dotx, .dwg, .dxf, .efx, .eps, .fla, .flv, .gif, .h, .idml, .iff, .indb, .indd, .indl, .indt, .inx, .jar, .java, .jpeg, .jpg, .js, .m3u, .m3u8, .m4u, .max, .mdb, .mid, .mkv, .mov, .mp3, .mp4, .mpa, .mpeg, .mpg, .msg, .pdb, .pdf, .php, .plb, .pmd, .png, .pot, .potm, .potx, .ppam, .ppj, .pps, .ppsm, .ppsx, .ppt, .pptm, .pptx, .prel, .prproj, .ps, .psd, .py, .ra, .rar, .raw, .rb, .rtf, .sdf, .sdf, .ses, .sldm, .sldx, .sql, .svg, .swf, .tif, .txt, .vcf, .vob, .wav, .wma, .wmv, .wpd, .wps, .xla, .xlam, .xll, .xlm, .xls, .xlsb, .xlsm, .xlsx, .xlt, .xltm, .xltx, .xlw, .xml, .xqx, .xqx, .zip.

The MadBit Ransomware attack is not original and is virtually identical to most encryption ransomware Trojans that are in the wild currently. The MadBit Ransomware delivers a ransom note after encrypting the victim's files. The MadBit Ransomware delivers its ransom note in a message box with the title 'madbit encryptor: Hello, you are encrypted!' Below is the full text of the MadBit Ransomware ransom note:

'***!WARNING!***
***YOUR COMPUTER ARE INFECTED***
***ALL DATABASES, SITES AND USERS HOME FILES HAVE BEEN ENCRYPTED***
================================================
>>>You have to pay for decryption in Bitcoins. The price depends on how fast you write to us.<<< ***After payment we will send you the decryption tool ,that will decrypt all your files.*** ===FREE DECRYPTION AS GUARANTEE=== ===Before paying you can send to us up to 1 files for free decryption=== Please note: that files must NOT contain valuable information and their total size must be less than 1Mb === Important information === YOUR COMPUTER UID : *** COPY&SEND YOUR UID TO EMAIL'S : adaline.lowell.85@mail.ru ================================================ ***!WARNING!*** ===****rnadbit***madbit***madbit***madbit***madbit***madbit*** madbit***madbit***madbit****==='

Dealing with a MadBit Ransomware Infection

The people responsible for the MadBit Ransomware ask victims to contact them via email. These people will demand a payment ranging from 200 to 600 USD to be paid using Bitcoin. Malware experts advise computer users to refrain from paying the MadBit Ransomware ransom. The best solution in the event of an infection like the MadBit Ransomware is to restore the affected files from a backup copy stored on an external memory device or the cloud, after using a security program that is fully up to date to remove the MadBit Ransomware infection itself from the affected PC.

SpyHunter Detects & Remove MadBit Ransomware