
OpenToYou Ransomware

By GoldSparrow in Ransomware

Threat Scorecard

Threat Level: 80 % (High)
Infected Computers: 12
First Seen: January 3, 2017
Last Seen: April 14, 2022
OS(es) Affected: Windows

The OpenToYou Ransomware is an encryption ransomware Trojan that is used to force computer users to pay large sums. To carry out this attack, the OpenToYou Ransomware encrypts its victim's files, making them inaccessible without the decryption key. Victims of the OpenToYou Ransomware attack are charged a ransom in exchange for the decryption key, which is stored on the Command and Control servers of the OpenToYou Ransomware Trojan. While it may be impossible to recover the files affected by encryption ransomware Trojans like the OpenToYou Ransomware, malware researchers have released a free decryption program for the OpenToYou Ransomware. This gives computer users affected by the OpenToYou Ransomware a way out without needing to pay the OpenToYou Ransomware ransom or to restore files from a backup copy.

The OpenToYou Ransomware Does Exactly the Opposite of What Its Name Says

There are countless ransomware Trojans active today, and there are numerous variants in the OpenToYou Ransomware's family alone. The files encrypted by the OpenToYou Ransomware are easy to identify because the OpenToYou Ransomware will add the extension '.-the' to each affected file's name. Files that are encrypted by the OpenToYou Ransomware are not readable and will show up as blank icons in Windows Explorer. The OpenToYou Ransomware drops its ransom note as a text file on the victim's Desktop. This file is named '!!!.txt'. The OpenToYou Ransomware also changes the affected PC's Desktop wallpaper image into a colorful version of its short ransom note.

How the OpenToYou Ransomware Demands Payment from Its Victims

The affected PC's Desktop wallpaper and the OpenToYou Ransomware's text file ransom note both contain the same message, telling the victims that their files were encrypted and that they must contact the email address given in the note to decrypt the affected files and receive further instructions. The decryption key necessary to decrypt the affected files is stored on the OpenToYou Ransomware's Command and Control servers and is under the control of the people responsible for the attack. The exact ransom that the people responsible for the OpenToYou Ransomware demand is still unknown, although most of these attacks demand payments ranging from approximately $500 to $1500 USD in BitCoins, frequently varying with the extent of the encryption and the value of the target.

PC security researchers strongly advise computer users to avoid paying the OpenToYou Ransomware ransom. The people responsible for these attacks may ignore the victims, or ask for more money. Paying the OpenToYou Ransomware ransom also allows these con artists to continue creating these threats. While most computer users may have no recourse but to restore their files from a backup after these kinds of attacks, malware researchers have released a free decryption program that can help victims of the OpenToYou Ransomware recover their files.

Below is the full text of the OpenToYou Ransomware's text file and Desktop wallpaper ransom notes:

'Your personal files are encrypted!
Consult decrypt your data, you can write in the email the OpenToYou@INDIA.COM'
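The indicators described above (the '.-the' extension, the '!!!.txt' note and the contact address in its text) are enough to scope which folders need restoring or decrypting. The following is an added example, not part of the original article or of any vendor tool; the function names and the sample directory tree are constructed for illustration.

```python
import os
import tempfile
from collections import Counter

# Indicators as given in this article; change them if a variant differs.
ENCRYPTED_SUFFIX = ".-the"
NOTE_NAME = "!!!.txt"
NOTE_MARKER = "opentoyou@india.com"  # contact address from the note text


def scan(root, suffix=ENCRYPTED_SUFFIX):
    """Return (encrypted files per directory, confirmed notes, name-only notes)."""
    encrypted, confirmed, name_only = Counter(), [], []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if name.lower().endswith(suffix):
                encrypted[dirpath] += 1
            elif name == NOTE_NAME:
                # The file name alone is weak evidence, so check the content too.
                try:
                    with open(path, "r", errors="replace") as fh:
                        text = fh.read(4096).lower()
                except OSError:
                    text = ""
                (confirmed if NOTE_MARKER in text else name_only).append(path)
    return encrypted, confirmed, name_only


def make_sample(root):
    """Build a constructed directory tree (not real victim data) for the demo."""
    docs = os.path.join(root, "Documents")
    desk = os.path.join(root, "Desktop")
    os.makedirs(docs)
    os.makedirs(desk)
    for name in ("budget.xlsx.-the", "notes.docx.-the", "untouched.pdf"):
        open(os.path.join(docs, name), "wb").close()
    with open(os.path.join(desk, NOTE_NAME), "w") as fh:
        fh.write("Your personal files are encrypted!\nwrite to OpenToYou@INDIA.COM")
    with open(os.path.join(docs, NOTE_NAME), "w") as fh:
        fh.write("todo list")  # benign file that merely shares the name


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        make_sample(tmp)
        encrypted, confirmed, name_only = scan(tmp)
        for directory, count in encrypted.most_common():
            print(f"{count:5d} encrypted  {directory}")
        print("confirmed notes:", confirmed)
        print("name-only matches:", name_only)
```

The scan only reads file names and the first 4 KB of any '!!!.txt' file, so it can be run against a mounted disk image or a read-only share without altering evidence.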

Dealing with and Preventing the OpenToYou Ransomware Infections

PC security analysts have received reports of countless variants of the OpenToYou Ransomware and other ransomware Trojans. Most ransomware Trojans use identical attacks, only varying in the strength of the encryption method and the details related to payment and the ransom note. The OpenToYou Ransomware is delivered using corrupted email attachments or through corrupted scripts contained in certain websites. Avoiding potentially risky websites and unsolicited email attachments can go a long way towards protecting your computer from attacks like the OpenToYou Ransomware. However, the best preemptive measure computer users can take to become well-protected against ransomware Trojans like the OpenToYou Ransomware is to have backups of all files. Having backup copies of your files ensures that in the event of an attack, the files can be recovered from the backup, removing any need to pay the ransom and any leverage the con artists could have over the victim.

