‘.onion File Extension’ Ransomware

‘.onion File Extension’ Ransomware Description

The '.onion File Extension' Ransomware is a ransomware Trojan that seems to be designed to target computer users in Brazil. The '.onion File Extension' Ransomware was first observed in April 2017 and follows an attack strategy typical of most ransomware Trojans. Essentially, the '.onion File Extension' Ransomware takes the victim's files hostage. To do this, the '.onion File Extension' Ransomware will encrypt the victim's files using a strong encryption algorithm, making them inaccessible completely. The '.onion File Extension' Ransomware then demands the payment of a ransom in exchange for the decryption key needed to recover the affected files. The '.onion File Extension' Ransomware seems to be designed to infect higher level targets than individual computer users, such as Web servers or business networks. However, individual computer users also are in danger of becoming infected via the '.onion File Extension' Ransomware.

How the '.onion File Extension' Ransomware may be Delivered to Its Victims

The '.onion File Extension' Ransomware is mainly being delivered using corrupted email attachments contained in targeted scam emails. The '.onion File Extension' Ransomware also is being installed on the victims' computers by taking advantage of weak passwords and security flaws on Web servers and corporative networks. The '.onion File Extension' Ransomware receives its name because it encrypts the victim's files and then marks affected files with the file extension '.onion.' The '.onion File Extension' Ransomware also renames the affected files, following the pattern '..id-[8 RANDOM CHARACTERS].[felix_dies@aol.com].onion.' The '.onion File Extension' Ransomware poses a real threat to the victim's files and targets a wide variety of file types. The '.onion File Extension' Ransomware will encrypt various file types, including the following:

.png, .psd, .pspimage, .tga, .thm, .tif, .tiff, .yuv, .ai, .eps, .ps, .svg, .indd, .pct, .pdf, .xlr, .xls, .xlsx, .accdb, .db, .dbf, .mdb, .pdb, .sql, .apk, .app, .bat, .cgi, .com, .exe, .gadget, .jar, .pif, .wsf, .dem, .gam, .nes, .rom, .sav, .dwg, .dxf, .gpx, .kml, .kmz, .asp, .aspx, .cer, .cfm, .csr, .css, .htm, .html, .js, .jsp, .php, .rss, .xhtml, .doc, .docx, .log, .msg, .odt, .pages, .rtf, .tex, .txt, .wpd, .wps, .csv, .dat, .ged, .key, .keychain, .pps, .ppt, .pptx, .ini, .prf, .hqx, .mim, .uue, .7z, .cbr, .deb, .gz, .pkg, .rar, .rpm, .sitx, .tar.gz, .zip, .zipx, .bin, .cue, .dmg, .iso, .mdf, .toast, .vcd, .sdf, .tar, .tax2014, .tax2015, .vcf, .xml, .aif, .iff, .m3u, .m4a, .mid, .mp3, .mpa, .wav, .wma, .3g2, .3gp, .asf, .avi, .flv, .m4v, .mov, .mp4, .mpg, .rm, .srt, .swf, .vob, .wmv, .3d, .3dm, .3ds, .max, .obj, .bmp, .dds, .gif, .jpg,.crx, .plugin, .fnt, .fon, .otf, .ttf, .cab, .cpl, .cur, .dll, .dmp, .drv, .icns, .ico, .lnk, .sys, .cfg.

How Con Artists may Use the '.onion File Extension' Ransomware to Make Money

The '.onion File Extension' Ransomware, after encrypting the victim's files, will deliver its ransom note. The '.onion File Extension' Ransomware's ransom note takes the form of a text file named 'BACK DATA BASE.txt,' which is placed on the infected computer's desktop. This text file contains a message instructing the victim to write to an email address to get instructions on how to accomplish the payment. Computer users shouldn't pay the '.onion File Extension' Ransomware ransom, even if there doesn't seem to be another way to recover the affected files. The con artists may ignore their promise to decrypt the affected files or demanding even more money. Furthermore, paying the '.onion File Extension' Ransomware ransom finances their activities, allowing them to carry out additional ransom attacks.

The solution to ensuring that attacks like the '.onion File Extension' Ransomware do not continue to proliferate, is to have preventive measures in place. The best way to nullify the '.onion File Extension' Ransomware attack completely is to have file backups, preferably offline disk images that can be used to recover the affected files. Strong security measures and security software can also prevent threats like the '.onion File Extension' Ransomware from infecting computers in the first place.

Infected with ‘.onion File Extension’ Ransomware? Scan Your PC for Free

Download SpyHunter's Spyware Scanner
to Detect ‘.onion File Extension’ Ransomware
* SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware removal tool to remove the malware threats. Read more on SpyHunter. If you no longer wish to have SpyHunter installed on your computer, follow these steps to uninstall SpyHunter.

Security Doesn't Let You Download SpyHunter or Access the Internet?

Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
  • Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
  • Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
  • Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
  • IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.

If you still can't install SpyHunter? View other possible causes of installation issues.

Site Disclaimer

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.

IMPORTANT! To be able to proceed, you need to solve the following simple math.
Please leave these two fields as is:
What is 9 + 8 ?