
ONIX Ransomware

Cybersecurity analysts have stumbled upon a new nasty Trojan dubbed the ONIX Ransomware. This file-encrypting Trojan does not seem to be a copy of any of the popular ransomware threats that are often appropriated by various cyber crooks.

Propagation and Encryption

The propagation method used to distribute the ONIX Ransomware has not yet been reported. It is speculated that spam email campaigns may be at the center of it. Usually, users would receive emails containing a bogus message and infected attachments. Ransomware threats are also often propagated via malvertising campaigns, fake application updates and downloads, torrent trackers, etc.

The ONIX Ransomware will scan the data on the infected computer and then begin the encryption process, using a secure encryption algorithm to lock the targeted files. Users will notice that the ONIX Ransomware alters the names of their files, because every newly locked file gets a '.ONIX' extension. For example, a file called 'silver-moon.mp3' will be renamed to 'silver-moon.mp3.ONIX' once the encryption process has concluded.

The Ransom Note

The ONIX Ransomware would drop a ransom note named 'TRY_TO_READ.html' on the user's system. The authors of the ONIX Ransomware fail to specify a ransom fee. Instead, they insist that the victim get in touch with them to receive further instructions regarding the ransom fee and how to process the payment. The attackers prefer to communicate via email and have provided two addresses for this purpose – ‘' and ‘'. It is likely that the attackers will demand to be paid in Bitcoin, as this helps them protect their anonymity and makes it less likely that law enforcement will identify them.

Despite all the promises that the creators of the ONIX Ransomware may make, resist the urge to cooperate with them. There is no guarantee that they will follow through with their end of the deal. It is always best to avoid contacting cybercriminals altogether. Instead, you should consider investing in a genuine anti-virus software solution that will help you remove the ONIX Ransomware from your PC. You can try to recover some of your data via a third-party file-recovery tool but do not expect miracles.
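The two file-system artefacts described above (the appended '.ONIX' extension and the 'TRY_TO_READ.html' note) are enough to scope an infection before cleanup or restore. The following read-only triage script is an added example, not part of the original write-up; the function names, the case-insensitive matching and the constructed sample tree are assumptions made for illustration.

```python
import os, tempfile
from collections import Counter
from pathlib import Path

ENC_SUFFIX = ".onix"            # page: locked files gain a '.ONIX' extension
NOTE_NAME = "try_to_read.html"  # page: ransom note 'TRY_TO_READ.html'

def triage(root):
    """Read-only walk of `root`; returns a summary of ONIX artefacts."""
    locked, note_dirs, by_type, mtimes = [], [], Counter(), []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            low = name.lower()  # assumption: match case-insensitively
            full = os.path.join(dirpath, name)
            if low == NOTE_NAME:
                note_dirs.append(dirpath)
            elif low.endswith(ENC_SUFFIX) and len(name) > len(ENC_SUFFIX):
                original = name[:-len(ENC_SUFFIX)]  # 'x.mp3.ONIX' -> 'x.mp3'
                locked.append((full, original))
                by_type[Path(original).suffix.lower() or "(none)"] += 1
                try:
                    mtimes.append(os.stat(full).st_mtime)
                except OSError:
                    pass  # file vanished or unreadable; still counted above
    # Assumption: modification times only approximate when files were locked.
    window = (min(mtimes), max(mtimes)) if mtimes else None
    return {"locked": sorted(locked), "note_dirs": sorted(note_dirs),
            "by_type": dict(by_type), "mtime_window": window}

def build_sample(root):
    """Constructed sample tree (empty files), for demonstration only."""
    for rel in ("music/silver-moon.mp3.ONIX", "music/TRY_TO_READ.html",
                "docs/report.docx.onix", "docs/notes.txt", "docs/README.ONIX"):
        p = Path(root, rel)
        p.parent.mkdir(parents=True, exist_ok=True)
        p.touch()

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        report = triage(tmp)
        for path, original in report["locked"]:
            print(f"{path}  (was: {original})")
        print("ransom note in:", report["note_dirs"])
        print("affected types:", report["by_type"])
```

The per-type counts and the list of original names can be compared against backup inventories to decide what needs restoring.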
