Threat Database Ransomware Nyton Ransomware

Nyton Ransomware

Anti-virus software has spotted a new data-encrypting Trojan roaming the Internet recently. This new threat has been named Nyton Ransomware. Just like most ransomware threats, the Nyton Ransomware would make sure to encrypt all the data of their victims, as soon as it infiltrates their system. This means that all documents, images, audio files, videos, spreadsheets, databases, archives, presentations, etc. will be locked permanently.

Propagation and Encryption

It has been speculated that the creators of the Nyton Ransomware may be utilizing spam email campaigns to spread this data-locking Trojan. Usually, the email would contain a fraudulent message and a corrupted attachment. The goal of the bogus message is to trick the users into launching the attached file, which will infect the target's system. When it comes to ransomware threats, some of the other popular propagation methods would include fake pirated variants of popular software tools, torrent trackers, bogus application updates, etc. The Nyton Ransomware targets a long list of file types, and to locate the files that match its criteria, the threat will scan the compromised host. Once the files are located, the Nyton Ransomware will proceed with the attack by starting the encryption process. When a file undergoes the encryption process of the Nyton Ransomware, you will notice that its file name will be altered. This is because the Nyton Ransomware appends a '.nyton' extension to the newly locked files. For example, a file that has been called 'pale-gold.mp3' originally, will be renamed to 'pale-gold.mp3.nyton' after been locked by the Nyton Ransomware.

The Ransom Note

The Nyton Ransomware will drop a ransom note on the user's desktop as soon as the encryption process has been completed. The ransom message is kept in a file called '!NYTON_HELP.TXT.' In the note, the attackers claim that if the victims pay the ransom fee required, they will be provided with a decryption key that will be able to reverse the damage done to their data. The ransom fee is $300 in the shape of Bitcoin. The authors of the Nyton Ransomware demand to be contacted via email and provide an email address - ‘'

The attackers may try to sweet-talk you into giving them your money, but rest assured that even if you pay up, there is no guarantee that they will deliver on their promises. Countless victims of ransomware have been left empty-handed even after they have paid the ransom fee demanded. This is the motive you should consider investing in a legitimate anti-malware tool that will not only help you rid your system of the Nyton Ransomware but also make sure your system is safe in the future.


Most Viewed