Red Ransomware

The Red Ransomware is yet another powerful threat and part of the ever-growing Dharma Ransomware family. As a Dharma variant, it behaves almost the same way as the other members of that family. However, do not be fooled. The Red Ransomware is as threatening as its family members and can make life miserable for its victims. After infiltrating the machine, the Red Ransomware encrypts the files stored on it with a powerful cryptographic algorithm and demands that the victims pay a ransom to restore the encrypted data.

The RED Ransomware may find its way to a computer via phishing emails claiming to contain a crucial download, which can take the form of an external link or an attached file. The RED Ransomware might also invade a targeted machine via game cracks, software activators and even an illicit copy of your favorite movie.

The Red Ransomware renames every file it encrypts by appending the '.id-<VICTIM ID>.[redline@onionmail.org].RED' extension to the original name. For example, a file previously named 'Picture1.png' will be changed to 'Picture1.png.id-<VICTIM ID>.[redline@onionmail.org].RED'. The ransom note from the cybercriminals is dropped as a text file named 'info.txt'. It provides two email addresses for contacting the hackers: redline@onionmail.org and redline@msgsafe.io.

The text contained in the 'info.txt' file reads:

'YOUR FILES ARE ENCRYPTED
1024
Don't worry, you can return all your files!
If you want to restore them, write to the mail: redline@onionmail.org YOUR ID 1E857D00
If you have not answered by mail within 12 hours, write to us by another mail:redline@msgsafe.io
ATTENTION!
We recommend you contact us directly to avoid overpaying agents
Do not rename encrypted files.
Do not try to decrypt your data using third party software, it may cause permanent data loss.
Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a scam.'
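
The naming pattern and note file described above can be turned into a triage check over a file listing. The following is an added example, not code from the original article; it assumes the victim ID is hexadecimal (as in the '1E857D00' shown in the note), and the sample paths are constructed.

```python
import re
from collections import Counter
from pathlib import PurePosixPath

# Pattern from the article: <name>.id-<VICTIM ID>.[<contact email>].RED
# Assumption: the victim ID is hexadecimal, like the "1E857D00" in the note.
RED_SUFFIX = re.compile(
    r"^(?P<original>.+)\.id-(?P<victim_id>[0-9A-Fa-f]+)"
    r"\.\[(?P<contact>[^\]\s]+@[^\]\s]+)\]\.RED$"
)
NOTE_NAME = "info.txt"  # common file name, so treat it only as a supporting hint


def parse_encrypted_name(filename):
    """Return original name, victim ID and contact, or None if no match."""
    m = RED_SUFFIX.match(filename)
    return m.groupdict() if m else None


def triage(paths):
    """Summarise a file listing: affected files, victim IDs, notes, contacts."""
    report = {"encrypted": [], "victim_ids": Counter(),
              "contacts": set(), "note_dirs": set()}
    for p in map(PurePosixPath, paths):
        hit = parse_encrypted_name(p.name)
        if hit:
            report["encrypted"].append((str(p), hit["original"]))
            report["victim_ids"][hit["victim_id"].upper()] += 1
            report["contacts"].add(hit["contact"].lower())
        elif p.name.lower() == NOTE_NAME:
            report["note_dirs"].add(str(p.parent))
    return report


# Constructed sample listing (not taken from a real incident).
SAMPLE = [
    "/home/a/Picture1.png.id-1E857D00.[redline@onionmail.org].RED",
    "/home/a/report.final.docx.id-1E857D00.[redline@onionmail.org].RED",
    "/home/a/info.txt",
    "/home/a/notes.RED",  # unrelated file that merely ends in .RED
    "/home/a/holiday.jpg",
]

if __name__ == "__main__":
    r = triage(SAMPLE)
    print(len(r["encrypted"]), "encrypted files;", dict(r["victim_ids"]))
    print("ransom note in:", sorted(r["note_dirs"]))
```

Matching the full suffix rather than only '.RED' avoids flagging unrelated files, and the recovered original names give the scope of affected data for restoring from backups.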
