Octopus Ransomware Description
A growing number of file-locking Trojans are spotted daily as more cybercriminals take up the opportunities that ransomware offers. With a ransomware building kit, or with code borrowed from an already established threat of this kind, creating a data-encrypting Trojan is fairly easy. This has greatly lowered the entry bar for cyber crooks and made ransomware threats wildly popular. One of the latest ransomware threats to be spotted is the Octopus Ransomware, a variant of the nefarious Phobos Ransomware.
Propagation and Encryption
The propagation method behind the Octopus Ransomware is yet to be revealed. Some researchers speculate that the attackers may have used the most common technique for spreading file-locking Trojans: spam email campaigns. In such a campaign, the email carries a fraudulent message meant to convince the target to open a seemingly harmless attached file, which in fact carries the unsafe payload of the threat. Cybercriminals can also use alternative propagation methods such as fake pirated variants of popular applications, bogus software updates, and torrent trackers, among many others.
The Octopus Ransomware targets countless file types and locks them using an encryption algorithm. Once a file undergoes the encryption process of the Octopus Ransomware, you will notice that its extension has been altered. This is because the Octopus Ransomware appends a '.id[
The Ransom Note
Next, the Octopus Ransomware will drop a concise ransom note called 'info.txt,' which states:
'!!!All of your files are encrypted!!!
To decrypt them send e-mail to this address: firstname.lastname@example.org.
If we don't answer in 24h., send e-mail to this address: email@example.com'
In the note, the attackers inform the users that all their data has been locked and that they must pay a ransom fee if they want to retrieve their files. The authors of the Octopus Ransomware provide a primary and a secondary email address: 'firstname.lastname@example.org' and 'email@example.com.' The latter is given as a backup, in case the victim does not receive a reply from the first one within 24 hours.
We would advise you to keep away from the authors of the Octopus Ransomware. Even users who pay up are often left empty-handed by cyber crooks like these. Instead, you should obtain a reputable anti-malware solution, which will help you remove the Octopus Ransomware from your computer and keep it safe in the future.
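A triage sweep for the two indicators this page describes, the 'info.txt' note and the '.id[' extension prefix, written as an added example that is not part of the original article or of any vendor tool. The page's extension string is cut off after '.id[', so only that prefix is matched; the function names, the sample tree and its file names are constructed for illustration.

```python
import os
import tempfile

NOTE_NAME = "info.txt"                             # note file name given on this page
NOTE_MARKER = b"all of your files are encrypted"   # phrase from the quoted note
EXT_MARKER = ".id["                                # extension prefix, as far as the page shows it

def triage(root):
    """Return (paths of matching notes, {directory: count of renamed files})."""
    notes, renamed = [], {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if name.lower() == NOTE_NAME:
                try:
                    with open(path, "rb") as fh:
                        # Drop NUL bytes so a UTF-16 encoded note matches too.
                        head = fh.read(4096).replace(b"\x00", b"").lower()
                except OSError:
                    continue  # unreadable file: skip it and keep sweeping
                if NOTE_MARKER in head:
                    notes.append(path)
            elif EXT_MARKER in name.lower():
                renamed[dirpath] = renamed.get(dirpath, 0) + 1
    return sorted(notes), renamed

def build_sample(root):
    """Constructed test tree: one affected folder, one benign info.txt."""
    docs, app = os.path.join(root, "docs"), os.path.join(root, "app")
    os.makedirs(docs)
    os.makedirs(app)
    with open(os.path.join(docs, "info.txt"), "w", encoding="utf-16") as fh:
        fh.write("!!!All of your files are encrypted!!!\n")
    for name in ("report.docx.id[SAMPLE]", "photo.jpg.id[SAMPLE]"):
        open(os.path.join(docs, name), "wb").close()  # empty placeholder files
    with open(os.path.join(app, "info.txt"), "w") as fh:
        fh.write("Version 1.2 release notes\n")
    return docs

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        found, counts = triage(tmp)
        print("ransom notes:", found)
        print("renamed files per directory:", counts)
```

Legitimate software also ships files named info.txt, which is why the sweep checks the note's content and reports the renamed-file count per directory alongside it.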