
'.onion File Extension' Ransomware

By GoldSparrow in Ransomware

The '.onion File Extension' Ransomware is a ransomware Trojan that seems to be designed to target computer users in Brazil. The '.onion File Extension' Ransomware was first observed in April 2017 and follows an attack strategy typical of most ransomware Trojans. Essentially, the '.onion File Extension' Ransomware takes the victim's files hostage. To do this, the '.onion File Extension' Ransomware will encrypt the victim's files using a strong encryption algorithm, making them completely inaccessible. The '.onion File Extension' Ransomware then demands the payment of a ransom in exchange for the decryption key needed to recover the affected files. The '.onion File Extension' Ransomware seems to be designed to infect higher-level targets than individual computer users, such as Web servers or business networks. However, individual computer users are also in danger of becoming infected by the '.onion File Extension' Ransomware.

How the '.onion File Extension' Ransomware may be Delivered to Its Victims

The '.onion File Extension' Ransomware is mainly being delivered using corrupted email attachments contained in targeted scam emails. The '.onion File Extension' Ransomware is also being installed on the victims' computers by taking advantage of weak passwords and security flaws on Web servers and corporate networks. The '.onion File Extension' Ransomware receives its name because it encrypts the victim's files and then marks affected files with the file extension '.onion.' The '.onion File Extension' Ransomware also renames the affected files, following the pattern '..id-[8 RANDOM CHARACTERS].[felix_dies@aol.com].onion.' The '.onion File Extension' Ransomware poses a real threat to the victim's files and targets a wide variety of file types. The '.onion File Extension' Ransomware will encrypt various file types, including the following:

.png, .psd, .pspimage, .tga, .thm, .tif, .tiff, .yuv, .ai, .eps, .ps, .svg, .indd, .pct, .pdf, .xlr, .xls, .xlsx, .accdb, .db, .dbf, .mdb, .pdb, .sql, .apk, .app, .bat, .cgi, .com, .exe, .gadget, .jar, .pif, .wsf, .dem, .gam, .nes, .rom, .sav, .dwg, .dxf, .gpx, .kml, .kmz, .asp, .aspx, .cer, .cfm, .csr, .css, .htm, .html, .js, .jsp, .php, .rss, .xhtml, .doc, .docx, .log, .msg, .odt, .pages, .rtf, .tex, .txt, .wpd, .wps, .csv, .dat, .ged, .key, .keychain, .pps, .ppt, .pptx, .ini, .prf, .hqx, .mim, .uue, .7z, .cbr, .deb, .gz, .pkg, .rar, .rpm, .sitx, .tar.gz, .zip, .zipx, .bin, .cue, .dmg, .iso, .mdf, .toast, .vcd, .sdf, .tar, .tax2014, .tax2015, .vcf, .xml, .aif, .iff, .m3u, .m4a, .mid, .mp3, .mpa, .wav, .wma, .3g2, .3gp, .asf, .avi, .flv, .m4v, .mov, .mp4, .mpg, .rm, .srt, .swf, .vob, .wmv, .3d, .3dm, .3ds, .max, .obj, .bmp, .dds, .gif, .jpg, .crx, .plugin, .fnt, .fon, .otf, .ttf, .cab, .cpl, .cur, .dll, .dmp, .drv, .icns, .ico, .lnk, .sys, .cfg.

How Con Artists may Use the '.onion File Extension' Ransomware to Make Money

The '.onion File Extension' Ransomware, after encrypting the victim's files, will deliver its ransom note. The '.onion File Extension' Ransomware's ransom note takes the form of a text file named 'BACK DATA BASE.txt,' which is placed on the infected computer's desktop. This text file contains a message instructing the victim to write to an email address to get instructions on how to make the payment. Computer users shouldn't pay the '.onion File Extension' Ransomware ransom, even if there doesn't seem to be another way to recover the affected files. The con artists may ignore their promise to decrypt the affected files or demand even more money. Furthermore, paying the '.onion File Extension' Ransomware ransom finances their activities, allowing them to carry out additional ransom attacks.
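
The rename pattern and the ransom note name described above can serve as triage indicators when reviewing a file listing from a suspect host. The following Python code is an added example, not part of the original article; it assumes the eight ID characters are alphanumeric (the article does not say), and the function name and sample paths are constructed for illustration.

```python
import re
from collections import defaultdict
from pathlib import PureWindowsPath

# Suffix the article says is appended to encrypted files:
#   .id-[8 RANDOM CHARACTERS].[felix_dies@aol.com].onion
# Assumption: the 8 characters are alphanumeric; the article does not say.
RENAMED = re.compile(
    r"^(?P<prefix>.+)\.id-(?P<victim_id>[0-9A-Za-z]{8})"
    r"\.\[felix_dies@aol\.com\]\.onion$",
    re.IGNORECASE,
)
RANSOM_NOTE = "back data base.txt"  # note file name given in the article


def triage(paths):
    """Return ({id: [(path, prefix), ...]}, [ransom note paths])."""
    renamed = defaultdict(list)
    notes = []
    for raw in paths:
        name = PureWindowsPath(raw).name  # parses Windows paths on any OS
        if name.lower() == RANSOM_NOTE:
            notes.append(raw)
            continue
        m = RENAMED.match(name)
        if m:
            # prefix = whatever precedes the '.id-' marker in the file name
            renamed[m.group("victim_id")].append((raw, m.group("prefix")))
    return dict(renamed), notes


# Constructed sample listing (not taken from a real incident).
SAMPLE = [
    r"C:\Users\ana\Desktop\BACK DATA BASE.txt",
    r"C:\Users\ana\Documents\budget.xlsx.id-A1B2C3D4.[felix_dies@aol.com].onion",
    r"C:\inetpub\wwwroot\index.php.id-A1B2C3D4.[felix_dies@aol.com].onion",
    r"C:\Users\ana\Downloads\tor-notes.onion",  # unrelated name, must not match
    r"C:\Users\ana\Documents\report.docx",
]

if __name__ == "__main__":
    renamed, notes = triage(SAMPLE)
    for victim_id, hits in renamed.items():
        print(f"id {victim_id}: {len(hits)} renamed file(s)")
        for path, prefix in hits:
            print(f"  {path}  (name before marker: {prefix})")
    for note in notes:
        print(f"ransom note: {note}")
```

Grouping hits by the ID makes it easy to see whether several directories or shares were hit by the same infection, which helps when deciding what to restore from backup.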

The solution to ensuring that attacks like the '.onion File Extension' Ransomware do not continue to proliferate is to have preventive measures in place. The best way to nullify the '.onion File Extension' Ransomware attack completely is to have file backups, preferably offline disk images that can be used to recover the affected files. Strong security measures and security software can also prevent threats like the '.onion File Extension' Ransomware from infecting computers in the first place.
