Octopus Ransomware

Octopus Ransomware Description

A growing number of file-locking Trojans is being spotted daily as more and more cybercriminals dip their toes in the opportunities that ransomware threats offer. If one uses a ransomware building kit or borrows the code of an already established threat of this kind, it can be fairly easy to create a data-encrypting Trojan. This has lowered the entry bar for cyber crooks greatly and made ransomware threats wildly popular. One of the latest spotted ransomware threats is called the Octopus Ransomware. The Octopus Ransomware is a variant of the nefarious Phobos Ransomware.

Propagation and Encryption

The propagation method behind the Octopus Ransomware is yet to be revealed. Some researchers speculate that the attackers may have used the most common technique of spreading file-locking Trojans – spam email campaigns. This involves the sending of an email that contains a fraudulent message aiming at convincing the targets that they should open the seemingly harmless attached file. However, the attachment is certainly not harmless and would carry the unsafe payload of the threat. Cybercriminals can use other alternative propagation methods such as fake pirated variants of popular applications, bogus software updates, and torrent trackers, among many others. The Octopus Ransomware targets countless file types and makes sure to lock them using an encryption algorithm. Once a file undergoes the encryption process of the Octopus Ransomware, you will notice that its extension has been altered. This is because the Octopus Ransomware appends a '.id[].[octopusdoc@mail.ee].octopus' extension at the end of the file names, where the 'VICTIM ID' is generated for each affected person uniquely. For example, a file called 'wheat-fields.jpeg' initially will be renamed to 'wheat-fields.jpeg.id[].[octopusdoc@mail.ee].octopus' when the Octopus Ransomware is done locking it.

The Ransom Note

Next, the Octopus Ransomware will drop a concise ransom note called 'info.txt,' which states:

’ !!!All of your files are encrypted!!!
To decrypt them send e-mail to this address: octopusdoc@mail.ee.
If we don't answer in 24h., send e-mail to this address: octopusdoc@airmail.cc’

In the note, the attackers inform the users that all their data has been locked and they must pay a ransom fee if they want to retrieve their files. The authors of the Octopus Ransomware provide a primary and secondary email address, which are as follows – ‘octopusdoc@mail.ee' and ‘octopusdoc@airmail.cc.' The latter is given as a backup plan, in case the victim does not receive a reply from the first one within 24 hours.

We would advise you to keep away from the authors of the Octopus Ransomware. Even users who pay up are often left empty-handed by cyber crooks like these. Instead, you should obtain a reputable anti-malware solution, which will help you remove the Octopus Ransomware from your computer and keep it safe in the future.

Do You Suspect Your PC May Be Infected with Octopus Ransomware & Other Threats? Scan Your PC with SpyHunter

SpyHunter is a powerful malware remediation and protection tool designed to help provide PC users with in-depth system security analysis, detection and removal of a wide range of threats like Octopus Ransomware as well as a one-on-one tech support service. Download SpyHunter's FREE Malware Remover
Note: SpyHunter's scanner is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware removal tool to remove the malware threats. Read more on SpyHunter. Free Remover allows you to run a one-off scan and receive, subject to a 48-hour waiting period, one remediation and removal. Free Remover subject to promotional details and Special Promotion Terms. To understand our policies, please also review our EULA, Privacy Policy and Threat Assessment Criteria. If you no longer wish to have SpyHunter installed on your computer, follow these steps to uninstall SpyHunter.

Security Doesn't Let You Download SpyHunter or Access the Internet?

Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
  • Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
  • Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
  • Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
  • IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.
If you still can't install SpyHunter? View other possible causes of installation issues.

Related Posts

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.