Threat Database Ransomware notopen@cock.li Ransomware

notopen@cock.li Ransomware

By GoldSparrow in Ransomware

The notopen@cock.li Ransomware is an encryption ransomware Trojan. The notopen@cock.li Ransomware is a variant of the Everbe Ransomware, a well-known encryption ransomware Trojan. The notopen@cock.li Ransomware carries out a typical version of these dreadful attacks.

Symptoms of a notopen@cock.li Ransomware Infection

Once the notopen@cock.li Ransomware has been installed, it will scan the victim's computer for certain types of files and encrypt them using a strong encryption algorithm. The notopen@cock.li Ransomware targets the user-generated files, which may include files with the following file extensions:

.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr , .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby , .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, , .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.

The notopen@cock.li Ransomware attack will mark the files it compromises with the string '.[.]NOT OPEN' by adding it to each file's name.

The notopen@cock.li Ransomware’s Ransom Demands

The notopen@cock.li Ransomware, like most encryption ransomware Trojans, demands a ransom from the victim that will be traded for a decryption key, which is the only tool that can restore the affected files. The notopen@cock.li Ransomware delivers its ransom demand in the form of a text file named '_HOW_RECOVERY_FILES_!.txt' dropped on the infected computer. The victim is urged to contact the criminals via email to receive the decryption key. However, the recommendation from the specialists is that computer users do not contact these criminals or pay any ransom. The notopen@cock.li Ransomware's ransom note reads:

'HELLO, DEAR FRIEND!
[ ALL YOUR FILES HAVE BEEN ENCRYPTED! ]
Your files are NOT damaged! Your files are modified only. This modification is reversible.
The only 1 way to decrypt your files is to receive the decryption program.
[ HOW TO RECOVERY FILES? ]
To receive the decryption program write to email: notopen@cock.li
And in subject write your ID: ID-[redacted 10 hex]
We send you full instruction how to decrypt all your files.
If we do not respond within 24 hours, write to the email: tryopen@cock.li
[ FREE DECRYPTION! ]
Free decryption as guarantee. We guarantee the receipt of the decryption program after payment. To believe, you can give us up to 3 files that we decrypt for free.
Files should not be important to you! (databases, backups, large excel sheets, etc.)'

Protecting Your Data from the notopen@cock.li Ransomware

It seems that the notopen@cock.li Ransomware is distributed through corrupted spam email messages, like most encryption ransomware Trojans. Because of this, the best computer users can do is learn to handle spam email attachments safely. The notopen@cock.li Ransomware uses a very effectual encryption process so that the only foolproof way to ensure that you can recover your files after a notopen@cock.li Ransomware attack is by having backup copies of your files.

Trending

Most Viewed

Loading...