Threat Database Ransomware ‘.RECOVERYOURFILES File Extension’ Ransomware

‘.RECOVERYOURFILES File Extension’ Ransomware

By GoldSparrow in Ransomware

The '.RECOVERYOURFILES File Extension' Ransomware is an encryption ransomware Trojan first observed on July 31, 2018. The '.RECOVERYOURFILES File Extension' Ransomware is based on an open source encryption engine to make the victim's files inaccessible. The '.RECOVERYOURFILES File Extension' Ransomware, like most ransomware Trojans of this type, will take the victim's files hostage to demand a ransom payment. The best protection against the '.RECOVERYOURFILES File Extension' Ransomware is to take preventive measures to ensure that your data is safe from these threats.

How the '.RECOVERYOURFILES File Extension' Ransomware Invades a Computer

The '.RECOVERYOURFILES File Extension' Ransomware uses the AES 256 and RSA 2048 encryption to make the victim's files inaccessible. The '.RECOVERYOURFILES File Extension' Ransomware will target a wide variety of file types, searching for te user generated filesprimarily, such as media files, images, databases, configuration files and numerous others. Threats like the '.RECOVERYOURFILES File Extension' Ransomware target the files specified below in their attacks:

.ebd, .jbc, .pst, .ost, .tib, .tbk, .bak, .bac, .abk, .as4, .asd, .ashbak, .backup, .bck, .bdb, .bk1, .bkc, .bkf, .bkp, .boe, .bpa, .bpd, .bup, .cmb, .fbf, .fbw, .fh, .ful, .gho, .ipd, .nb7, .nba, .nbd, .nbf, .nbi, .nbu, .nco, .oeb, .old, .qic, .sn1, .sn2, .sna, .spi, .stg, .uci, .win, .xbk, .iso, .htm, .html, .mht, .p7, .p7c, .pem, .sgn, .sec, .cer, .csr, .djvu, .der, .stl, .crt, .p7b, .pfx, .fb, .fb2, .tif, .tiff, .pdf, .doc, .docx, .docm, .rtf, .xls, .xlsx, .xlsm, .ppt, .pptx, .ppsx, .txt, .cdr, .jpe, .jpg, .jpeg, .png, .bmp, .jiff, .jpf, .ply, .pov, .raw, .cf, .cfn, .tbn, .xcf, .xof, .key, .eml, .tbb, .dwf, .egg, .fc2, .fcz, .fg, .fp3, .pab, .oab, .psd, .psb, .pcx, .dwg, .dws, .dxe, .zip, .zipx, .7z, .rar, .rev, .afp, .bfa, .bpk, .bsk, .enc, .rzk, .rzx, .sef, .shy, .snk, .accdb, .ldf, .accdc, .adp, .dbc, .dbx, .dbf, .dbt, .dxl, .edb, .eql, .mdb, .mxl, .mdf, .sql, .sqlite, .sqlite3, .sqlitedb, .kdb, .kdbx, .1cd, .dt, .erf, .lgp, .md, .epf, .efb, .eis, .efn, .emd, .emr, .end, .eog, .erb, .ebn, .ebb, .prefab, .jif, .wor, .csv, .msg, .msf, .kwm, .pwm, .ai, .eps, .abd, .repx, .oxps, .dot.

The '.RECOVERYOURFILES File Extension' Ransomware marks all files encrypted in its attack by adding the file extension '.RECOVERYOURFILES' to the end of the affected files' names.

The '.RECOVERYOURFILES File Extension' Ransomware's Ransom Demand

Threats like the '.RECOVERYOURFILES File Extension' Ransomware are monetized by demanding ransom payments from the victims of the attack. To do this, the '.RECOVERYOURFILES File Extension' Ransomware will present the victim with a ransom note, which alerts the victim of the attack and demands a ransom payment. The '.RECOVERYOURFILES File Extension' Ransomware delivers its ransom note in a text file named 'INSTRUCTIONS_RECOVER_FILES.txt,' which contains the following message:

'--- IMPORTANT INFORMATION ---
ALL YOUR FILES ARE ENCRYPTED WITH RSA-2048 and AES-128 CIPHERS.
DECRYPTING OF YOUR FILES IS ONLY POSSIBLE WITH OUR KEY.
This is your ID:
[800 random characters]
SEND EMAIL TO RECOVER:
auuahk@yandex.com
ouuohk@eclipso.eu'

Computer users must refrain from contacting the email addresses mentioned in the '.RECOVERYOURFILES File Extension' Ransomware ransom note. It is very improbable that the criminals will help victims recover their files. Instead, they will try to trick the victims or target them with additional malware.

Protecting Your Data from Threats Like the '.RECOVERYOURFILES File Extension' Ransomware

The best protection against threats like the '.RECOVERYOURFILES File Extension' Ransomware is to have safely stored file backups. This allows the victims of the '.RECOVERYOURFILES File Extension' Ransomware attack to restore the compromised files by replacing them with backup copies. Apart from file backups, computer users are advised to use a reliable anti-malware program to ensure that threats like the '.RECOVERYOURFILES File Extension' Ransomware can be intercepted and removed before they damage the targeted computers' files and other irreplaceable data. File backups paired with a security program are the best way to stop threats like the '.RECOVERYOURFILES File Extension' Ransomware.

Trending

Most Viewed

Loading...