Mailto Ransomware Description
Ransomware threats continue to be one of the most preferred methods of tricking people out of their money online. Almost anyone can build a data-locking Trojan and use it to extort people. This is because there are numerous ransomware building kits available online for free. Among the newest uncovered threats of this type is the Mailto Ransomware.
Propagation and Encryption
The infection vectors used by the perpetrators of the Mailto Ransomware are not known. Some malware researchers believe that the attackers may be utilizing fake pirated copies of popular applications, bogus software updates, and torrent trackers to spread the Mailto Ransomware. However, the most common method of distribution of this threat is spam emails certainly. These emails would contain a fraudulent message urging the user to open the corrupted attached file. This attachment carries the payload of the threat and would infect the users’ system as soon as they open it. The Mailto Ransomware is capable of locking a wide variety of file types. Usually, popular file types such as .jpeg, .jpg, .mp3, .mp4, .doc, .docx, .xls, .xlsx, .pdf, .mov, .ppt, .pptx among many others, will be targeted for encryption by data-locking Trojans like the Mailto Ransomware. When the files of interest are located, the Mailto Ransomware will proceed by triggering its encryption process. This file-locking Trojan applies an encryption algorithm to lock all the targeted data. When a file undergoes the encryption process of the Mailto Ransomware, you will notice that its name will be altered. This Trojan appends a '.mailto[2Hamlampampom@cock.li].
The Ransom Note
In the next step of the attack, the Mailto Ransomware drops a ransom note called '
It is advisable to avoid contacting cybercriminals. There is nothing to guarantee that you will be provided with the decryption key you need, even if you give in and pay the ransom fee. Instead, you should look into obtaining a reputable anti-malware solution, which will help you remove the Mailto Ransomware from your computer safely.