PGP Ransomware

The PGP Ransomware is an encrypting malware that is part of the Dharma Ransomware family. This threatening program is designed to encrypt data on the victim’s PC and then demand a ransom in exchange for a decryption tool. The PGP Ransomware assigns every victim a unique ID, which is then added to all affected files, along with the cybercriminals’ emails address and the extension '.pgp.' When the ransomware has finished the encryption process, it also creates a ransom note, which appears in a pop-up window and is contained in a text document called "FILES ENCRYPTED.txt."

The ransom note gives instructions to the victims, stating that they need to contact the cybercriminals through the provided email address if they want to have their data unlocked. The ransom amount is not given; however, it depends on how quickly the victim initiates the communication with the cyber crooks and it has to be paid in Bitcoins. As typical for most ransomware infections, users are offered to get one small file decrypted for free, as long as that file does not contain any valuable information. Furthermore, the ransom note threatens that any attempts to decrypt the files without paying the ransom would result in a permanent data loss.

Most likely, the PGP Ransomware lands on a user’s computer through spam email campaigns, fake software updates, hacked programs offered for free on dubious websites or through Trojans. The removal of a Ransomware infection is a long and complicated process; therefore, the use of a reputable automatic malware removal tool is highly recommended.