Threat Database Ransomware Ransomware Ransomware

By GoldSparrow in Ransomware

The '' Ransomware is an encryption ransomware Trojan. The '' Ransomware uses the AES and RSA encryptions to make victims' files inaccessible, taking them hostage until the victim pays a ransom amount in exchange for the decryption key. Malware researchers advise computer users to install backups to protect their data from threats like the '' Ransomware.

How Do You Know that You are Infected bythe '' Ransomware

The '' Ransomware targets the user-generated files in its attack. The files containing the subsequent extensions may be vulnerable to attacks like the '' Ransomware:

.ebd, .jbc, .pst, .ost, .tib, .tbk, .bak, .bac, .abk, .as4, .asd, .ashbak, .backup, .bck, .bdb, .bk1, .bkc, .bkf, .bkp, .boe, .bpa, .bpd, .bup, .cmb, .fbf, .fbw, .fh, .ful, .gho, .ipd, .nb7, .nba, .nbd, .nbf, .nbi, .nbu, .nco, .oeb, .old, .qic, .sn1, .sn2, .sna, .spi, .stg, .uci, .win, .xbk, .iso, .htm, .html, .mht, .p7, .p7c, .pem, .sgn, .sec, .cer, .csr, .djvu, .der, .stl, .crt, .p7b, .pfx, .fb, .fb2, .tif, .tiff, .pdf, .doc, .docx, .docm, .rtf, .xls, .xlsx, .xlsm, .ppt, .pptx, .ppsx, .txt, .cdr, .jpe, .jpg, .jpeg, .png, .bmp, .jiff, .jpf, .ply, .pov, .raw, .cf, .cfn, .tbn, .xcf, .xof, .key, .eml, .tbb, .dwf, .egg, .fc2, .fcz, .fg, .fp3, .pab, .oab, .psd, .psb, .pcx, .dwg, .dws, .dxe, .zip, .zipx, .7z, .rar, .rev, .afp, .bfa, .bpk, .bsk, .enc, .rzk, .rzx, .sef, .shy, .snk, .accdb, .ldf, .accdc, .adp, .dbc, .dbx, .dbf, .dbt, .dxl, .edb, .eql, .mdb, .mxl, .mdf, .sql, .sqlite, .sqlite3, .sqlitedb, .kdb, .kdbx, .1cd, .dt, .erf, .lgp, .md, .epf, .efb, .eis, .efn, .emd, .emr, .end, .eog, .erb, .ebn, .ebb, .prefab, .jif, .wor, .csv, .msg, .msf, .kwm, .pwm, .ai, .eps, .abd, .repx, .oxps, .dot.

Once the '' Ransomware has encrypted the victim's files, it will deliver a ransom note, which assumes the form of a text file named 'README.txt' that will be dropped on the infected computer's desktop. The text contained in the '' Ransomware's ransom note is the following:

'Your files are encrypted!
[forty random characters]
Discovered a serious vulnerability in your network security.
No data was stolen and no one will be able to do it while they are encrypted.
For you we have automatic decryptor and instructions for remediation.
You will receive automatic decryptor and all files will be restored
* To be sure in getting the decryption, you can send one file(less than 10MB) to [1st email] or [2nd email] In the letter include your personal ID(look at the beginning of this document).
Attempts to self-decrypting files will result in the loss of your data
Decoders other users are not compatible with your data, because each user's unique encryption key'

The '' Ransomware attack compromises the targeted files in a way that makes them easy to recognize because the '' Ransomware will rename the files, adding the file extensions '.mirey@tutanota.com_[hex string]' and '.merd@tutanota.com_[hex string]' to each file compromised by the '' Ransomware attack. However, contacting the email accounts associated with the creators of the '' Ransomware is not a recommended course of action.

Protecting Your Data from Threats Like the '' Ransomware

The best protection against threats like the '' Ransomware is to have backup copies of your files. These backup copies should be stored offline, on an external memory device, or on the cloud, out of reach of threats like the '' Ransomware. Apart from file backups, PC security researchers also advise computer users to use a security solution to protect their computers. The '' Ransomware and similar threats can be intercepted by a proper anti-malware application by preventing them from being installed on the targeted computer. It also can be used to remove the '' Ransomware completely once it has been installed. It is important to note, however, that anti-virus programs may not be capable of restoring the files encrypted in attacks like the '' Ransomware. Typically, the only way to regain access to the files compromised by these attacks is to have the decryption key, held by the criminals until the victim pays the ransom.


Most Viewed