Makop Ransomware

Makop Ransomware Description

The Makop Ransomware is a file-locker Trojan that was detected by malware researchers a while ago. The Makop Ransomware was able to infect thousands of computers successfully, causing a lot of damage to its victims. The Makop Ransomware provides various emails that should be used by its victims to contact its perpetrators. Some of these email addresses are votrefile@tuta.io, datalost@foxmail.com davidrecovery@protonmail.com getdataback@qbmail.biz, Crypt@qbmail.biz, akzhq00705@protonmail.com and many others.

The Criminals Handling the Makop Ransomware Demand a Payment in Bitcoin

The Makop Ransomware uses the '.[].[].makop' file extension to lock the encrypted files. The Makop Ransomware delivers a ransom note called 'readme-warning.txt' that, although having the same contents, use different languages, depending on the version delivered to the victims. The English ransom note is the most common, but it may be presented in Turkish or German languages.

The Makop Ransomware utilizes various email addresses that should be used by its victims to contact its handlers. They also are instructed to access a payment page housed by TOR, which is possible by using the exclusive ID generated for their specific system. The ransom fee will be found on the payment page and only will be accepted in Bitcoin. The criminals offer to decrypt a couple of the victims' files for free, to prove that they have a working decryption software, which should be accepted.

The Attackers Want to Know the Victims Types They are Dealing With

The attackers will, surprisingly, ask their victims do describe the attack they are under, and which user types they are; a big business, a small business or an individual computer user. The victims also must specify the number of infected PCs, which can be from one to over 20. Security experts believe that the ransom amount will depend on the size of the victims' business. Big businesses will pay more; small businesses will pay less, and individual users will pay a ransom fee of $250.

The sad notice we have is that there is no free decryptor to help the victims of the Makop Ransomware. The good news is that farsighted victims who always keep an updated backup of their systems will recover the unusable files from the backup and will not need to pay the ransom or contact the criminals behind the Makop Ransomware. If you are among the lucky victims that can recover their files using a backup, do not forget to remove this threat from your computer(s) using a malware removal tool capable of dealing with ransomware.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.


HTML is not allowed.