Sicck Ransomware

The Sicck Ransomware is an encryption ransomware Trojan that was first observed on October 30, 2018. The Sicck Ransomware is distributed to victims mainly via corrupted email attachments, often in the form of Microsoft Word documents with embedded macro scripts that install the Sicck Ransomware. Once the Sicck Ransomware is installed, it uses a powerful encryption method to make the victim's files unreachable and then demands a ransom payment, presenting it as the only way to get back the damaged data.

How You can be Infected by the Sicck Ransomware

The Sicck Ransomware's encryption makes the affected files inaccessible, and they are easy to recognize because the Sicck Ransomware adds the file extension '[]..sicck' to each file affected by the attack. The Sicck Ransomware targets user-generated files, which may include files with the following file extensions:

.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr, .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby, .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.

The Sicck Ransomware delivers a ransom note in the form of a text file named 'How__to__decrypt__files.txt'. This ransom note demands a ransom payment of 1 Bitcoin (approximately 6300 USD at the current exchange rate). The full text of the Sicck Ransomware's ransom note reads:

'Some files have been encrypted
Please send (1) bitcoins to my wallet address
IF you paid, send the machine to my email code
I will give you key
If there is no payment within three days,
we will no longer support
If you go to the payment time, your data will be open to the public download
He support decrypting the test File.
send files 3 MB Files to the email address
BTC Wallet: 3QxVmxcyVcqDpuUJSQT5y83BbHvZvCoYcV
Email: [sicck@protpnmai1.c0m] or: []
YOUR Hardware ID: [random characters]'

Contacting the criminals responsible for the Sicck Ransomware attack is not a wise idea. Computer users also should refrain from paying any ransom amount in these attacks.

Protecting Your Data from Threats Like the Sicck Ransomware

The best protection against threats like the Sicck Ransomware is to have file backups, which are copies of your files. Having backup copies of your data ensures that the criminals cannot hold your data hostage, since the compromised data can be restored quickly from the backup copy. Apart from file backups, every computer user should keep an updated security program running all the time to help prevent the Sicck Ransomware from being installed in the first place. Since threats like the Sicck Ransomware are commonly delivered using spam email attachments, learning to recognize and deal with this dubious online content is also an essential part of preventing Sicck Ransomware attacks and protecting your data.

File System Details

Sicck Ransomware creates the following file(s):

#   File Name     MD5                                Detections
1.  crypter.exe   dfec0c6ce91e2c48821d4933a8bfccf3   0
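The indicators described on this page (the '.sicck' file suffix, the ransom note file name and the MD5 listed for crypter.exe) can be checked together during triage of a suspect machine or file share. The following Python script is an added example, not code from the original article or from any security product; the function names and the sample directory it builds are assumptions made for illustration, and because the page gives the extension as '[]..sicck', only the trailing '.sicck' is matched.

```python
import hashlib
import os
import tempfile

# Indicators taken from this page; the extension is matched on its '.sicck' suffix only.
ENCRYPTED_SUFFIX = ".sicck"
RANSOM_NOTE = "How__to__decrypt__files.txt"
CRYPTER_MD5 = "dfec0c6ce91e2c48821d4933a8bfccf3"

def md5_of(path, chunk=1 << 20):
    """Hash a file in chunks so large executables are not loaded into memory."""
    digest = hashlib.md5()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()

def scan(root):
    """Walk a tree and return paths grouped as encrypted files, ransom notes, dropper."""
    hits = {"encrypted": [], "notes": [], "dropper": []}
    for folder, _dirs, files in os.walk(root, onerror=lambda e: None):
        for name in files:
            path = os.path.join(folder, name)
            lowered = name.lower()
            if lowered.endswith(ENCRYPTED_SUFFIX):
                hits["encrypted"].append(path)
            elif lowered == RANSOM_NOTE.lower():
                hits["notes"].append(path)
            elif lowered.endswith(".exe"):
                try:
                    if md5_of(path) == CRYPTER_MD5:
                        hits["dropper"].append(path)
                except OSError:
                    continue  # locked or unreadable file: skip it, keep scanning
    return hits

def demo():
    """Build a constructed sample tree (harmless placeholder files) and scan it."""
    with tempfile.TemporaryDirectory() as root:
        for name in ("report.docx.sicck", RANSOM_NOTE, "notes.txt", "tool.exe"):
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(b"constructed sample")
        return {k: sorted(os.path.basename(p) for p in v) for k, v in scan(root).items()}

if __name__ == "__main__":
    print(demo())
```

A hit in the "encrypted" or "notes" group indicates that encryption has already taken place in that folder, while a hit in "dropper" points to a copy of the executable that still needs to be quarantined.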


