R Ransomware

By GoldSparrow in Ransomware

Threat Scorecard

Threat Level: 100 % (High)
Infected Computers: 397
First Seen: April 3, 2017
Last Seen: February 8, 2022
OS(es) Affected: Windows

The R Ransomware is a ransomware Trojan that was first observed in April 2017. Victims of the R Ransomware are asked to make a ransom payment through a Tor network portal, which uses a logo made up of the letter 'R.' There are various ways in which the R Ransomware can enter a computer, including corrupted email attachments or hacking into computers directly, taking advantage of weak security measures. The R Ransomware uses a combination of the AES and RSA encryptions to encrypt the victims' files, taking them hostage after making them inaccessible. The R Ransomware represents a real threat to computer users and their data, and they should act to protect themselves from these attacks.

Understanding Threats Like the R Ransomware

Threats like the R Ransomware are quite threatening since the files encrypted in these attacks become inaccessible completely. The R Ransomware is designed to encrypt the victims' files and targets numerous file types, including video files, music files, images, and various types of documents. The R Ransomware uses a combination of the AES-256 and RSA-2048 encryption to make the victim's files completely unrecoverable after the attack. The R Ransomware delivers a ransom note in a text file that is named 'Ransomware.txt,' which includes instructions on how to pay the R Ransomware ransom to recover the affected files. The R Ransomware's ransom note is dropped on the infected computer's desktop. Below is the full text of the R Ransomware ransom note:

'Encrypted files!
All your files are encrypted. Using AES256-bit encryption and RSA-2048-bit encryption.
Making it impossible to recover files without the correct private key.
If you are interested in getting is the key and recover your files You should proceed with the following steps.
The only way to decrypt your files safely is to buy the Decrypt and Private Key software.
Any attempts to restore your files with the third-party software will be fatal for your files!
To proceed with the purchase, you must access one of the link below
If neither of the links is online for a long period of time, there is another way to open it, you should install the Tor Browser
If your personal page is not available for a long period there is another way to open your personal page - installation and use of Tor Browser:
[Instructions on how to install the TOR Browser]

Dealing with the R Ransomware Infection

PC security researchers strongly advise computer users to ignore the instructions in the R Ransomware ransom note and refrain from paying this ransomware threat's ransom. According to the R Ransomware, victims are meant to pay a large ransom of 2 BitCoins (approximately $2300 USD) to recover from the attack. Apart from the fact that the con artists may ignore the payments and fail to help victims recover from the attacks, paying this large amount of money finances harmful activities and allows more variants of the R Ransomware to be produced and distributed. Instead, take precautionary measures.

Fortunately, computer users can nullify the R Ransomware attack completely by simply having backup copies of their data. Having backup copies of all files allows victims to recover quickly from a R Ransomware attack by simply deleting the encrypted files and restoring them from the backup. However, make sure that the backup copies are located on an external memory device that is not connected to the main computer, or on the cloud and not allowed to synchronize (because this would put the backups themselves at risk for becoming encrypted in the attack). Although the files encrypted by the R Ransomware cannot be recovered yet, the R Ransomware infection itself can be removed with the help of a reliable security program that is fully up-to-date.

Related Posts


Most Viewed