
'' Ransomware

By GoldSparrow in Ransomware

The '' Ransomware is an encryption ransomware Trojan. The '' Ransomware, like most encryption ransomware Trojans, is designed to take victims' files hostage and then require a ransom payment from the victim in exchange for restoring access to the victim's files. Threats like the '' Ransomware use strong encryption algorithms to encrypt the victim's data, making the victim's files unusable without the decryption key. Unfortunately, once the '' Ransomware attack compromises the files, they will no longer be accessible.

Why the '' Ransomware and Similar Threats are Created

The '' Ransomware is designed to take the victim's files hostage, using strong encryption to target the user-generated files in its attack. Threats like the '' Ransomware do not encrypt the Windows system files or other files that may stop the victim's computer from working since they require the victim to be able to carry out a payment. Because of this, they target media files, documents, archives, and other commonly used file formats that are generated by the computer user. The following are some of the files that are commonly compromised in attacks like the '' Ransomware:

.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr, .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby, .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.

Once the '' Ransomware has encrypted the files, they will no longer be usable and will appear on the victim's computer as blank icons. In most cases, the '' Ransomware is installed after the victim opens a malicious file attachment, often containing scripts that download and install the '' Ransomware. This is why it is important to learn how to handle spam email messages safely as a way to prevent attacks such as these.
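A triage check for the behavior described above, added here as an example and not taken from the original article or from any vendor tool: it walks a folder and flags files of a known type whose signature bytes are gone and whose content reads as random. The MAGIC table covers only a few of the listed extensions, and the 7.5 bits-per-byte threshold and the sample files are assumptions made for the demonstration.

```python
import math
import os
import tempfile
from collections import Counter

# Well-known file signatures for a few of the extensions listed in the article.
ZIP = [b"PK\x03\x04"]
MAGIC = {".jpg": [b"\xff\xd8\xff"], ".jpeg": [b"\xff\xd8\xff"], ".pdf": [b"%PDF-"],
         ".png": [b"\x89PNG\r\n\x1a\n"], ".gif": [b"GIF87a", b"GIF89a"],
         ".zip": ZIP, ".docx": ZIP, ".xlsx": ZIP, ".pptx": ZIP}

def shannon_entropy(data: bytes) -> float:
    """Bits per byte; output of a strong cipher sits close to 8.0."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def looks_encrypted(path, sample=65536, threshold=7.5):
    """True when a known file type has lost its signature and reads as random."""
    sigs = MAGIC.get(os.path.splitext(path)[1].lower())
    if sigs is None:  # no signature on record: cannot judge
        return False
    with open(path, "rb") as fh:
        head = fh.read(sample)
    if any(head.startswith(s) for s in sigs):
        return False  # header intact (compressed formats land here)
    return shannon_entropy(head) >= threshold

def triage(root):
    """Walk root and return the sorted paths of files that look encrypted."""
    paths = (os.path.join(d, n) for d, _, names in os.walk(root) for n in names)
    return sorted(p for p in paths if looks_encrypted(p))

def demo():
    """Constructed sample files; os.urandom stands in for encrypted content."""
    samples = {
        "report.pdf": b"%PDF-1.7\n" + b"constructed sample text " * 40,
        "photo.png": os.urandom(4096),               # signature gone, random
        "mislabeled.jpg": b"plain text, wrong extension " * 40,  # low entropy
        "notes.txt": os.urandom(4096),               # type not in MAGIC
    }
    with tempfile.TemporaryDirectory() as tmp:
        for name, body in samples.items():
            with open(os.path.join(tmp, name), "wb") as fh:
                fh.write(body)
        return [os.path.basename(p) for p in triage(tmp)]

if __name__ == "__main__":
    print(demo())
```

The check only covers types that have a signature in MAGIC, so a clean result is not proof that every file is intact.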

The '' Ransomware's Ransom Demands

It seems that the '' Ransomware is part of the VegaLocker Ransomware family, which targets Russian speakers. The '' Ransomware delivers a ransom note written entirely in Russian, which demands a fee of 250 USD to be paid using Bitcoin. In this respect it does not differ from most encryption ransomware Trojans. Computer users are advised to avoid paying the '' Ransomware's ransom or even attempting to contact the criminals via the provided email address, since doing so exposes computer users to additional scams and malware infections.

Preventing Threats Like the '' Ransomware

The best protection against attacks like the '' Ransomware is to have a way to restore any data compromised by the '' Ransomware attack. This can be done most efficiently by having backup copies of all files. These backup copies should be stored in highly protected places, allowing the victim to delete the compromised versions of their data and restore them from the backup, bypassing any need to pay a ransom or allow the criminals to continue to profit from these attacks.

