Mailto Ransomware

Mailto Ransomware Description

Ransomware threats continue to be one of the most preferred methods of tricking people out of their money online. Almost anyone can build a data-locking Trojan and use it to extort people. This is because there are numerous ransomware building kits available online for free. Among the newest uncovered threats of this type is the Mailto Ransomware.

Propagation and Encryption

The infection vectors used by the perpetrators of the Mailto Ransomware are not known. Some malware researchers believe that the attackers may be utilizing fake pirated copies of popular applications, bogus software updates, and torrent trackers to spread the Mailto Ransomware. However, the most common method of distribution of this threat is spam emails certainly. These emails would contain a fraudulent message urging the user to open the corrupted attached file. This attachment carries the payload of the threat and would infect the users’ system as soon as they open it. The Mailto Ransomware is capable of locking a wide variety of file types. Usually, popular file types such as .jpeg, .jpg, .mp3, .mp4, .doc, .docx, .xls, .xlsx, .pdf, .mov, .ppt, .pptx among many others, will be targeted for encryption by data-locking Trojans like the Mailto Ransomware. When the files of interest are located, the Mailto Ransomware will proceed by triggering its encryption process. This file-locking Trojan applies an encryption algorithm to lock all the targeted data. When a file undergoes the encryption process of the Mailto Ransomware, you will notice that its name will be altered. This Trojan appends a '.mailto[2Hamlampampom@cock.li].' extension to the locked files, where the ‘VICTIM ID’ is a uniquely generated ID for each user affected by the Mailto Ransomware.

The Ransom Note

In the next step of the attack, the Mailto Ransomware drops a ransom note called '-Readme.txt.' The ransom message is rather lengthy, and in it, the attackers explain to the victims what has happened to their files. They claim that there is no way to recover any of the affected data unless they cooperate with them and pay up the ransom fee. The authors of the Mailto Ransomware warn that if they take too long to get in touch, it is likely that the victims may never be able to recover their data. The attackers offer to unlock several files free of charge to prove to the victims that they are capable of decrypting the affected data. There are two email addresses provided as a means of communication – ‘2Hamlampampom@cock.li’ and ‘Galgalgalgalk@tutanota.com.’

It is advisable to avoid contacting cybercriminals. There is nothing to guarantee that you will be provided with the decryption key you need, even if you give in and pay the ransom fee. Instead, you should look into obtaining a reputable anti-malware solution, which will help you remove the Mailto Ransomware from your computer safely.

Do You Suspect Your PC May Be Infected with Mailto Ransomware & Other Threats? Scan Your PC with SpyHunter

SpyHunter is a powerful malware remediation and protection tool designed to help provide PC users with in-depth system security analysis, detection and removal of a wide range of threats like Mailto Ransomware as well as a one-on-one tech support service. Download SpyHunter's FREE Malware Remover
Note: SpyHunter's scanner is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware removal tool to remove the malware threats. Read more on SpyHunter. Free Remover allows you to run a one-off scan and receive, subject to a 48-hour waiting period, one remediation and removal. Free Remover subject to promotional details and Special Promotion Terms. To understand our policies, please also review our EULA, Privacy Policy and Threat Assessment Criteria. If you no longer wish to have SpyHunter installed on your computer, follow these steps to uninstall SpyHunter.

Security Doesn't Let You Download SpyHunter or Access the Internet?

Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
  • Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
  • Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
  • Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
  • IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.
If you still can't install SpyHunter? View other possible causes of installation issues.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.