'satco@tutanota.com' Ransomware

By GoldSparrow in Ransomware

The 'satco@tutanota.com' Ransomware is a ransomware Trojan that first appeared on February 1, 2019. The 'satco@tutanota.com' Ransomware's code is based on a hybrid of the Dharma Ransomware and the Crysis Ransomware, two well-known ransomware families that have been active for some time. Hybrids of these two threat families first started to appear in late 2018 and seem to be related to a ransomware builder released around the same time. The 'satco@tutanota.com' Ransomware carries out a typical encryption ransomware tactic, taking the victims' files hostage so that it has grounds to demand a ransom payment from the victim in exchange for restoring access to the compromised data.

How the 'satco@tutanota.com' Ransomware Affects Your Files

The 'satco@tutanota.com' Ransomware is typically delivered to victims via corrupted spam email attachments, often taking the form of Microsoft Word documents with embedded macro scripts that download and install the 'satco@tutanota.com' Ransomware onto the victim's computer. Once the 'satco@tutanota.com' Ransomware is installed, it will use a strong encryption algorithm to make the victim's files inaccessible, targeting user-generated files, which may include a wide variety of documents, media content, configuration data, databases and other data containers. The files that threats like the 'satco@tutanota.com' Ransomware target in these attacks include:

.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr, .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby, .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.

The 'satco@tutanota.com' Ransomware uses a combination of AES and RSA encryption in its attack, making the files affected by the attack unrecoverable. The 'satco@tutanota.com' Ransomware marks each compromised file by adding the file extension '.air' to the corrupted content. Once the victim's files have been taken hostage, the 'satco@tutanota.com' Ransomware delivers a ransom note in the form of a text file named 'FILES ENCRYPTED.txt', which demands that the victim contact the criminals via email to receive instructions on paying the ransom.
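The two on-disk markers described above (the appended '.air' extension and the 'FILES ENCRYPTED.txt' note) can be used to scope an incident. The following triage script is an added example, not part of the original article; the function names and the sample directory tree are constructed for illustration, and it assumes the marker is a plain suffix as the article describes.

```python
import os
import tempfile
from collections import defaultdict

MARKER_EXT = ".air"                # extension the article says is appended
NOTE_NAME = "files encrypted.txt"  # ransom note name from the article, lowercased

def scan_tree(root):
    """Map each directory under root to the indicators found in it."""
    hits = defaultdict(lambda: {"encrypted": [], "note": False})
    for dirpath, _dirs, files in os.walk(root, onerror=lambda err: None):
        for name in files:
            lower = name.lower()
            if lower == NOTE_NAME:
                hits[dirpath]["note"] = True
            elif lower.endswith(MARKER_EXT) and len(name) > len(MARKER_EXT):
                # Assumption: the marker is a plain suffix, so stripping it
                # yields the file name as it was before the attack.
                hits[dirpath]["encrypted"].append(name[:-len(MARKER_EXT)])
    return dict(hits)

def summarize(hits):
    """Count indicators; a directory is 'confirmed' only when both co-occur."""
    # A lone .air file can be benign (Adobe AIR packages use that extension).
    confirmed = sorted(d for d, h in hits.items() if h["note"] and h["encrypted"])
    return {
        "encrypted_files": sum(len(h["encrypted"]) for h in hits.values()),
        "notes": sum(1 for h in hits.values() if h["note"]),
        "confirmed_dirs": confirmed,
    }

def build_sample_tree(root):
    """Create a constructed (not real) directory tree of empty files."""
    sample = ["docs/report.docx.air", "docs/FILES ENCRYPTED.txt", "docs/notes.txt",
              "apps/installer.air", "pics/photo.JPG.AIR", "pics/files encrypted.TXT"]
    for rel in sample:
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        open(path, "w").close()

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        print(summarize(scan_tree(tmp)))
```

The list of stripped names per directory doubles as a restore checklist when recovering from backups.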

Dealing with the 'satco@tutanota.com' Ransomware Attack

PC security researchers strongly advise computer users to refrain from paying the 'satco@tutanota.com' Ransomware ransom or contacting the criminals responsible for the attack. Most importantly, computer users need to take preventive steps to ensure that they are safe from attacks like the 'satco@tutanota.com' Ransomware. The best protection is to have file backups. In addition to keeping backup copies of their data, computer users should use a security program to protect their files from this and other attacks. A combination of backup copies of all data, strong security measures, and trustworthy anti-malware software can help keep computers and data safe from threats like the 'satco@tutanota.com' Ransomware.
