The Ox4444 Ransomware is an encryption ransomware Trojan first observed on November 8, 2018. The Ox4444 Ransomware, like most encryption ransomware Trojans, is designed to take victims' files hostage and then demand a ransom payment. Typically, the Ox4444 Ransomware is delivered using corrupted spam email attachments, or through compromised websites, hosting exploit kits that install the Ox4444 Ransomware on the visitors' computers.
How the Ox4444 Ransomware Carries Out Its Attack
The Ox4444 Ransomware uses the AES encryption to make the victim's files inaccessible. The Ox4444 Ransomware targets the user-generated files in its attack, which may include a wide variety of file types. The following are examples of the data that the Ox4444 Ransomware targets in its attacks:
.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr , .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby , .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, , .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar
The Ox4444 Ransomware attack's objective is to encrypt certain files and mark them with the file extension '.Ox4444,' which is added to the file's name. The Ox4444 Ransomware delivers a ransom note in the form of a text file named 'HOW_TO_BACK_FILES.txt,' which contains the following text:
'YOUR FILES ARE ENCRYPTED !!!
TO DECRYPT, FOLLOW THE INSTRUCTIONS:
To recover data you need decrypt tool.
To get the decrypt tool you should:
1.In the letter include your personal ID! Send me this ID in your first email to me!
2.We can give you free test for decrypt few files (NOT VALUE) and assign the price for decryption all files!
3.After we send you instruction how to pay for decrypt tool and after payment you will receive a decryption tool!
4.We can decrypt few files in quality the evidence that we have the decoder.
DO NOT TRY TO DO SOMETHING WITH YOUR FILES BY YOURSELF YOU WILL BRAKE YOUR DATA !!! ONLY WE ARE CAN HELP YOU! CONTACT US:
PC security researchers energically advise computer users to avoid contacting the criminals via the suggested email addresses. Computer users should refrain from paying any type of ransom to the criminals responsible for the Ox4444 Ransomware.
Protecting Your Data from Threats Like the Ox4444 Ransomware
Computer users should restore the files compromised by the attack from backup copies instead of paying the Ox4444 Ransomware ransom. The best protection against threats like the Ox4444 Ransomware is to have backup copies of the computer's files stored on the cloud or an external memory device. Apart from file backups, PC security researchers strongly advise computer users to use a security application that is fully up-to-date to ensure that their machines are fully protected from threats like the Ox4444 Ransomware and any other threats. This, coupled with safe online browsing practices and handling of email messages correctly can help prevent infections such as the Ox4444 Ransomware from entering your PC.