's29js31@tutamail.com' Ransomware

The 's29js31@tutamail.com' Ransomware is an encryption ransomware Trojan that is one of the many variants in the Scarab family of ransomware, which has seen numerous new releases in 2018. The 's29js31@tutamail.com' Ransomware was first observed on September 9, 2018, and carries out a typical version of these attacks, by encrypting the victim's files using a strong encryption algorithm and then demanding a ransom. The 's29js31@tutamail.com' Ransomware seems to target computer users in Russian speaking regions and runs as an executable file named 'Abandon.exe' on the infected PCs.

What the 's29js31@tutamail.com' Ransomware will Do with Your Files

The 's29js31@tutamail.com' Ransomware targets the user-generated files in its attacks, which may include numerous document types and media files. The 's29js31@tutamail.com' Ransomware marks the files it encrypts by adding the file extension '.hitler' to the targeted file's name. The 's29js31@tutamail.com' Ransomware targets certain files when it infects a machine, which includes:

.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr , .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby , .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, , .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.

The 's29js31@tutamail.com' Ransomware, like most other Scarab variants, delivers a ransom note in the form of a text file. The 's29js31@tutamail.com' Ransomware's ransom note is a file named 'HOW TO RECOVER ENCRYPTED FILES.TXT,' which contains the following message:

'Your files are now encrypted!
Your personal identifier:
[random characters]
All your files have been encrypted due to a security problem with your PC.
Now you should send us email with your personal identifier.
This email will be as confirmation you are ready to pay for decryption key.
You have to pay for decryption in Bitcoins. The price depends on how fast you write to us.
After payment we will send you the decryption tool that will decrypt all your files.
Contact us using this email address: s29js31@tutamail.com
Free decryption as guarantee!
Before paying you can send us up to 3 files for free decryption.
The total size of files must be less than 10Mb (non archived), and files should not contain
valuable information (databases, backups, large excel sheets, etc.).
Attention!
*Do not rename encrypted files.
*Do not try to decrypt your data using third party software, it may cause permanent data loss.
*Decryption of your files with the help of third parties may cause increased price
(they add their fee to our) or you can become a victim of a scam.'

Protecting Your Data from Threats Like the 's29js31@tutamail.com' Ransomware

The best protection you can have against threats like the 's29js31@tutamail.com' Ransomware is backup copies of your files. These backup copies allow computer users to restore their files without having to negotiate with criminals that are only after money. The 's29js31@tutamail.com' Ransomware also can be prevented from being installed by a well-maintained security product.