Sifreli Ransomware

The Sifreli Ransomware is an encryption ransomware Trojan that will mark the encrypted files using the file extension '.sifreli.' The Sifreli Ransomware will use a powerful encryption algorithm to make the victim's files inaccessible to demand a ransom payment. The Sifreli Ransomware will drop a ransom on the victim's computer, which is displayed in a program window titled '!!! SISTEMINIZ HACKLENDI !!!' This is a typical ransomware attack, where the Sifreli Ransomware encrypts the victim's files and then displays a ransom note demanding a ransom payment in exchange for the decryption key. The Sifreli Ransomware seems to target Turkish speakers, although there is no reason to believe that the Sifreli Ransomware could not spread beyond this geographical area.

How the Sifreli Ransomware may be Delivered to Its Victims’ Computers

The most common way of delivering the Sifreli Ransomware is through corrupted spam email attachments. One typical method for ransomware delivery that has gained traction in 2017 is the use of Microsoft Word files with corrupted macros, which download and install the Sifreli Ransomware onto the victim's computer when the file is opened. Because of this, the first step in protecting your machine from threats like the Sifreli Ransomware is to handle spam email messages and email attachments with caution to prevent these infections. Con artists may use social engineering methods to ensure that victims open the file attachments, often disguising them as email invoices, receipts or other, similar content.

The Sifreli Ransomware and Its Ransom Message

The word 'sifreli' is Turkish for 'encrypted,' a common extension associated with file encoders like the Sifreli Ransomware. As soon as the victims allow the Sifreli Ransomware to be installed on their computers, the Sifreli Ransomware will scan the victims' drives, network shared directories and other data. The Sifreli Ransomware will use a strong encryption algorithm to make the victim's files inaccessible and unrecoverable. The Sifreli Ransomware will display a pop-up window that cannot be closed after encrypting the victims' files. This window contains the Sifreli Ransomware's ransom note. Below is the original Turkish message of the Sifreli Ransomware ransom note:

'!!! SISTEMINIZ HACKLENDI !!!
Merhabalar,
Ben sistem açıklarını araştırıp bulan ve bu şekilde para kazanan bir sistem mühendisiyim. Şirketinizin sistemlerinde bir açık buldum ve sisteminizi hackledim. Şirketinizle ilgili bütün bilgilerinizi ele geçirdim ve sisteminizdeki ayrıca ağınızdaki tüm verileri şifreledim. Şayet bu bilgileri geri almak isterseniz ve şifreyi sabrı almak için benimle iletişime geçiniz..
e-mail: muhendis@mail.ua
Aksi taktirde ele geçirilen bilgiler internet ortamında yayınlanacaktır.
Encrypted Session Key: A7198E 24182288171396F8C 85 F228D4C FD1014E F4E 06 F8589F5236ADE D28E 34F4574838 L F61CF9352ADE55777539007D62729A7B8CF 1700154E 070056E 786746413ABF829508C4F'

The following is the English translation of the above message:

'Hello,
I am a system engineer who searches for system exploits and earns money in this way. I found an open in your company's systems, and I hacked your system. I've got all your information about your company, and I've also encrypted all the data on your system. If you want to get this information back, and you get the patience, please contact me.
E-mail: muhendis@mail.ua
Otherwise, the captured information will be published on the internet.
Encrypted Session Key: A7198E 24182288171396F8C 85 F228D4C FD1014E F4E 06 F8589F5236ADE D28E 34F4574838 L F61CF9352ADE55777539007D62729A7B8CF 1700154E 070056E 786746413ABF829508C4F'

It is not a wise action to contact the people responsible for the attack. Instead, a reliable security program that is fully up to date is fundamental when dealing with these threats.

Dealing with the Sifreli Ransomware Infection

The best protection against the Sifreli Ransomware and similar ransomware Trojans is to use an up-to-date security tool and have file backups. Having backup copies of your files makes you invulnerable to attacks like the Sifreli Ransomware since you can recover your data by simply restoring it from the file backup. The use of file backups coupled with strong security software can help prevent attacks like the Sifreli Ransomware and allow the computer users recover their data quickly.