
Starbax@tutanota.com Ransomware

By GoldSparrow in Ransomware

The Starbax@tutanota.com Ransomware is an encryption ransomware Trojan that was first observed by PC security researchers on March 5, 2018. It is a variant of a ransomware Trojan that was first observed in October 2017. The Starbax@tutanota.com Ransomware is nearly identical to many other encryption ransomware Trojans being used to carry out attacks, many of them based on open source encryption engines available on the Dark Web.

How the Starbax@tutanota.com Ransomware may be Delivered to Victims

The Starbax@tutanota.com Ransomware may be delivered through spam email messages, which may carry corrupted email attachments containing embedded macro scripts that download and install the Starbax@tutanota.com Ransomware onto the victim's computer. Because of this, learning to handle both spam email messages and macros safely is essential to preventing attacks like the Starbax@tutanota.com Ransomware.

How the Starbax@tutanota.com Ransomware Carries out Its Attack

Once the Starbax@tutanota.com Ransomware is installed on the victim's computer, it will scan the infected machine in search of certain file types. These are typically user-generated files, which may include commonly used content like photos, music, movies, spreadsheets and other office files, PDF files, and numerous other file types. The Starbax@tutanota.com Ransomware avoids the Windows system files and other files whose loss may prevent the operating system from working properly. This is because these threats need the victims to be able to continue using their computers so that they can pay a ransom amount in exchange for the decryption key needed to restore the affected files. The following are examples of the files that are typically targeted by attacks like the Starbax@tutanota.com Ransomware:

.3dm, .3g2, .3gp, .7zip, .aaf, .accdb, .aep, .aepx, .aet, .ai, .aif, .as, .as3, .asf, .asp, .asx, .avi, .bmp, .c, .class, .cpp, .cs, .csv, .dat, .db, .dbf, .doc, .docb, .docm, .docx, .dot, .dotm, .dotx, .dwg, .dxf, .efx, .eps, .fla, .flv, .gif, .h, .idml, .iff, .indb, .indd, .indl, .indt, .inx, .jar, .java, .jpeg, .jpg, .js, .m3u, .m3u8, .m4u, .max, .mdb, .mid, .mkv, .mov, .mp3, .mp4, .mpa, .mpeg, .mpg, .msg, .pdb, .pdf, .php, .plb, .pmd, .png, .pot, .potm, .potx, .ppam, .ppj, .pps, .ppsm, .ppsx, .ppt, .pptm, .pptx, .prel, .prproj, .ps, .psd, .py, .ra, .rar, .raw, .rb, .rtf, .sdf, .sdf, .ses, .sldm, .sldx, .sql, .svg, .swf, .tif, .txt, .vcf, .vob, .wav, .wma, .wmv, .wpd, .wps, .xla, .xlam, .xll, .xlm, .xls, .xlsb, .xlsm, .xlsx, .xlt, .xltm, .xltx, .xlw, .xml, .xqx, .xqx, .zip.

The Starbax@tutanota.com Ransomware will rename the files encrypted by its attack. The Starbax@tutanota.com Ransomware will add a long file extension to each affected file's name, which takes the form of the following string:

'! ,--, Revert Access ,--, starbax@tutanota.com ,--,.BlockBax_v3.2'

The above string is added to the end of each affected file's name as a form of file extension, making it simple to know which files have been compromised by the Starbax@tutanota.com Ransomware attack.

Dealing with a Starbax@tutanota.com Ransomware Infection

If the Starbax@tutanota.com Ransomware or similar ransomware Trojans have compromised your files, PC security experts strongly advise refraining from paying the Starbax@tutanota.com Ransomware ransom. Paying these ransom amounts allows the extortionists to continue developing and creating new ransomware Trojans like the Starbax@tutanota.com Ransomware. The best protection against the Starbax@tutanota.com Ransomware and similar threats is to have file backups. If computer users can restore their files from a backup, then the cybercrooks lose any leverage that would allow them to demand a ransom payment from the victims of the attack. Apart from file backups, PC security researchers advise computer users to install a security product that is fully up-to-date to intercept these threats or remove them after an infection (although security software can't restore the files encrypted by an infection like the Starbax@tutanota.com Ransomware due to the strength of the encryption involved).
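The appended file-name string and the backup advice above can be combined into a quick damage inventory. The following Python script is an added example, not code from this page's author or from any security product. It assumes the marker appears on disk as quoted above (with a looser fallback on the `.BlockBax_v3.2` tail), and the function names, the backup directory layout and the demo files are hypothetical.

```python
import os
import sys
import tempfile
from collections import Counter
from pathlib import Path

# Appended string exactly as quoted on this page.
MARKER = "! ,--, Revert Access ,--, starbax@tutanota.com ,--,.BlockBax_v3.2"
TAIL = ".BlockBax_v3.2"  # assumption: spacing may differ on disk, so also match the tail


def original_name(name):
    """Return the pre-attack file name, or None if the name is not marked."""
    if name.endswith(MARKER):
        return name[: -len(MARKER)].rstrip()
    if name.endswith(TAIL):
        head, sep, _ = name.rpartition("!")  # "!" opens the appended string
        return head.rstrip() if sep else name[: -len(TAIL)]
    return None


def triage(root, backup_root=None):
    """Walk root; list marked files and whether a backup copy exists."""
    root, hits, by_ext = Path(root), [], Counter()
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            orig = original_name(fname)
            if orig is None:
                continue
            rel = (Path(dirpath) / orig).relative_to(root)
            backup = Path(backup_root) / rel if backup_root else None
            has_backup = backup is not None and backup.is_file()
            hits.append({"encrypted": str(Path(dirpath) / fname),
                         "original": rel.as_posix(), "has_backup": has_backup})
            by_ext[Path(orig).suffix.lower() or "(none)"] += 1
    return hits, by_ext


if __name__ == "__main__":
    if len(sys.argv) > 1:  # usage: triage.py <scan_root> [backup_root]
        hits, by_ext = triage(*sys.argv[1:3])
    else:  # constructed demo tree, not real victim data
        demo = Path(tempfile.mkdtemp())
        (demo / ("budget.xlsx" + MARKER)).write_bytes(b"")
        (demo / "notes.txt").write_text("untouched")
        hits, by_ext = triage(demo)
    for h in hits:
        print("RESTORABLE" if h["has_backup"] else "NO-BACKUP ", h["original"])
    print(dict(by_ext))
```

The script only reads file names and never modifies or deletes anything, so it can be run against a mounted copy of the affected disk before any restore is attempted.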
