
'Orgasm@india.com' Ransomware

By GoldSparrow in Ransomware

The Orgasm@india.com Ransomware is an encryption Trojan that threat investigators named after the email address orgasm@india.com, which victims are directed to contact if they want a decryptor. Initial threat assessment showed that the Orgasm@india.com Ransomware is delivered to users through corrupted documents attached to spam email. Computer users may be invited to download and open a macro-enabled PDF, DOCX or XLSX file. Experts recommend that users avoid spam email and delete messages coming from email addresses that resemble official accounts of services like PayPal and Amazon, and social media like Facebook, Instagram and Twitter.

Another Variant of the Globe Ransomware

In-depth analysis of the Orgasm@india.com Ransomware revealed that the Trojan is an altered version of the Globe Ransomware and works very similarly to the '.kyra File Extension' Ransomware. If you are familiar with threats like the Shade Ransomware and the Locky Ransomware, then you will not be surprised by the behavior of the Orgasm@india.com Ransomware. The Orgasm@india.com Ransomware is a typical representative of the file coder sub-division of ransomware and combines the AES and RSA ciphers to facilitate the encryption process. Moreover, the Orgasm@india.com Ransomware is known to target nearly five hundred file types and is likely to interfere with the work of specialized software. Computer users should be worried if the Orgasm@india.com Ransomware succeeds in encoding data on their workstations and home PCs.

There Is a Free Decryptor for Victims of the Orgasm@India.com Ransomware

Encrypted objects feature the '.orgasm@india.com' extension placed after the default file format. The names of the encrypted objects are not altered, as opposed to how the Crypt0 Ransomware works. For example, if you have taken a photo of tulips in spring and stored the picture as 'tulips_Spring2016.png', it will be encrypted into 'tulips_Spring2016.png.orgasm@india.com'. At the time of writing this article, researchers had managed to crack the engine of the Orgasm@India.com Ransomware and released a free decryptor, which you can find on Google as RansomwareFileDecryptor and GlobeDecryptor. However, you need to keep in mind that the creators of the Orgasm@india.com Ransomware are likely to release an updated version of the threat that may use an improved encryption procedure, in which case you may not be able to use the free decryptor. As a safety measure, you should install a backup manager and use removable storage and cloud services like Dropbox and Google to secure your data. Installing a reliable anti-malware scanner can provide additional protection to users. AV shields may detect the executable of the Orgasm@india.com Ransomware as:

  • FileCryptor.MNW
  • Gen:Variant.Zusy.204486
  • Ransom_PURGE.SM1
  • TR/ATRAPS.Gen
  • Troj.Ransom.W32.Cryfile!c
  • Trojan ( 004f6e981 )
  • Trojan.Dynamer.A8
  • Trojan.Win32.Generic!BT
  • Trojan/Win32.CryFile.N2147488425
  • Trojan:Win32/Dynamer!ac
  • W32/Filecoder.FS!tr
  • Win32.Trojan.Cryfile.Woza
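
Because the original file name is kept and the marker is only appended, the scope of an infection can be inventoried before running a decryptor or restoring from backup. The script below is an added example, not part of the original article or of any vendor tool; the function names and the sample tree are constructed for illustration, and matching the marker case-insensitively is an assumption.

```python
import os
import tempfile
from collections import Counter
from pathlib import Path

# Extension the article says is appended after the original file format.
MARKER = ".orgasm@india.com"

def original_name(name):
    """Return the pre-encryption file name, or None if the marker is absent."""
    if name.lower().endswith(MARKER) and len(name) > len(MARKER):
        return name[: -len(MARKER)]
    return None

def triage(root):
    """Walk root and summarise files that carry the marker extension."""
    by_type = Counter()   # original extension -> number of encrypted files
    by_dir = Counter()    # directory -> number of encrypted files
    restored = []         # original-named copy already sits beside the encrypted one
    for dirpath, _dirs, files in os.walk(root):
        present = {f.lower() for f in files}
        for f in files:
            orig = original_name(f)
            if orig is None:
                continue
            by_type[Path(orig).suffix.lower() or "(none)"] += 1
            by_dir[dirpath] += 1
            if orig.lower() in present:
                restored.append(os.path.join(dirpath, orig))
    return {"total": sum(by_type.values()), "by_type": by_type,
            "by_dir": by_dir, "restored": sorted(restored)}

def demo():
    """Build a constructed sample tree and run the triage over it."""
    with tempfile.TemporaryDirectory() as tmp:
        names = ["Pictures/tulips_Spring2016.png.orgasm@india.com",
                 "Documents/budget.xlsx.Orgasm@India.com",
                 "Documents/notes.docx.orgasm@india.com",
                 "Documents/notes.docx",   # copy already restored or decrypted
                 "Documents/readme.txt"]   # unaffected file
        for rel in names:
            p = Path(tmp, rel)
            p.parent.mkdir(exist_ok=True)
            p.write_bytes(b"constructed sample")
        report = triage(tmp)
        report["restored"] = [Path(p).relative_to(tmp).as_posix()
                              for p in report["restored"]]
        return report

if __name__ == "__main__":
    print(demo())
```

Point `triage()` at a user profile or file share to get the per-type and per-directory counts; entries under `restored` are files that no longer need recovery.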
