'prusa@rape.lol' Ransomware

By GoldSparrow in Ransomware

The 'prusa@rape.lol' Ransomware is an encryption ransomware Trojan that encrypts victims' files and then demands a ransom payment. The most common way of distributing the 'prusa@rape.lol' Ransomware and threats like it is through corrupted spam email attachments and bogus downloads online. The 'prusa@rape.lol' Ransomware is a variant of a ransomware family that has been active since Fall 2017. The 'prusa@rape.lol' Ransomware variant was observed on March 19, 2019.

How the 'prusa@rape.lol' Ransomware Carries Out Its Attack

The 'prusa@rape.lol' Ransomware attack is similar to that of most encryption ransomware Trojans: the 'prusa@rape.lol' Ransomware uses strong encryption algorithms to make victims' files inaccessible. The 'prusa@rape.lol' Ransomware targets user-generated files, which may include numerous documents, databases, media files and other data containers. The 'prusa@rape.lol' Ransomware marks each file it affects by appending the string '!!!! prusa@rape.lol !!!.prus' as a new extension. Some of the file types that the 'prusa@rape.lol' Ransomware targets in these kinds of attacks are listed below:

.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr, .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby, .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.

The 'prusa@rape.lol' Ransomware delivers a ransom note in the form of a text file named 'informprus.txt,' which is dropped on the infected computer's Desktop. The 'prusa@rape.lol' Ransomware ransom note, which is also delivered in Russian, contains the following text:

'We are realy sorry to inform you that ALL YOUR FILES WERE ENCRYPTED
by our automatic software. It became possible because of bad server security.
ATENTION!!!
Please don't worry, we can help you to RESTORE your server to original
state and decrypt all your files quickly and safely!
INFORMATION!!!
Files are not broken!!!
Files were encrypted with AES-128+RSA-2048 crypto algorithms.
There is no way to decrypt your files without unique decryption key and special software. Your unique decryption key is securely stored on our server. For our safety, all information about your server and your decryption key will be automaticaly DELETED AFTER 7 DAYS! You will irrevocably lose all your data!
* Please note that all the attempts to recover your files by yourself or using third party tools will result only in irrevocable loss of your data!
* Please note that you can recover files only with your unique decryption key, which stored on our side. If you will use the help of third parties, you will only add a middleman.
HOW TO RECOVER FILES???
Please write us to the e-mail (write on English or use professional translator):
1 email: prusa@goat.si (Response time within 24 hours)
2 email: prusa@tutanota.de (replacement mail in the event that no reply in 24 hours by email 1)
You have to send your message on each of our 3 emails due to the fact that the message may not reach their intended recipient for a variety of reasons!'

Dealing with the 'prusa@rape.lol' Ransomware Infection

Malware specialists strongly advise computer users to refrain from contacting the criminals responsible for the 'prusa@rape.lol' Ransomware attack or following the 'prusa@rape.lol' Ransomware's demands. Instead, the 'prusa@rape.lol' Ransomware should be removed with a dependable anti-malware suite. The 'prusa@rape.lol' Ransomware encrypts the files in such a way that they can only be recovered from backup copies.
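
Because recovery depends on backups, it helps to know exactly which files need restoring. The following is an added example, not part of the original article or any vendor tool: a Python script that walks a directory tree, lists files carrying the '!!!! prusa@rape.lol !!!.prus' marker together with their likely original names, and locates copies of 'informprus.txt'. It assumes the marker is appended to the complete original file name; the sample tree it builds is constructed test data.

```python
import os
import tempfile
from collections import Counter

# Indicators taken from the description above.
MARKER = "!!!! prusa@rape.lol !!!.prus"   # string appended to encrypted files
NOTE_NAME = "informprus.txt"              # ransom note file name


def original_name(encrypted_name):
    """Strip the appended marker (and a joining dot, if any) from a file name."""
    # Assumption: the marker follows the full original name, extension included.
    return encrypted_name[: -len(MARKER)].rstrip(".")


def scan(root):
    """Walk root; return (encrypted, notes, per_dir) to scope a backup restore."""
    encrypted, notes, per_dir = [], [], Counter()
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if name.lower().endswith(MARKER):
                encrypted.append((path, original_name(name)))
                per_dir[dirpath] += 1
            elif name.lower() == NOTE_NAME:
                notes.append(path)
    return sorted(encrypted), sorted(notes), per_dir


def build_sample_tree(root):
    """Constructed sample data: empty files with made-up names, for the demo."""
    for sub in ("Documents", "Desktop"):
        os.makedirs(os.path.join(root, sub))
    for rel in ("Documents/budget.xlsx" + MARKER, "Documents/notes.txt." + MARKER,
                "Documents/untouched.pdf", "Desktop/" + NOTE_NAME):
        open(os.path.join(root, *rel.split("/")), "w").close()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        encrypted, notes, per_dir = scan(tmp)
        for path, orig in encrypted:
            print(f"ENCRYPTED {path} -> restore as {orig}")
        for path in notes:
            print(f"NOTE      {path}")
        for d, n in per_dir.most_common():
            print(f"{n:5d} encrypted file(s) in {d}")
```

To use it on a real system, call scan() on a mounted copy of the affected volume rather than on the sample tree.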
