'Systemdown@india.com' Ransomware

By GoldSparrow in Ransomware

The 'Systemdown@india.com' Ransomware belongs to a large family of ransomware Trojans that are all variants of Crysis, a ransomware Trojan first observed in March of 2016. The 'Systemdown@india.com' Ransomware itself was first spotted in the wild in August of 2016, and its attack is typical of these kinds of threats. It may be installed on the victim's computer in a number of different ways. Once installed, the 'Systemdown@india.com' Ransomware encrypts the victim's files using a strong encryption algorithm and then demands that the victim pay a large amount of money to recover access to the affected files. One of the reasons why ransomware Trojans like the 'Systemdown@india.com' Ransomware are so effective is that, even if the Trojan is removed with a reliable security program, the files will remain encrypted. There is currently no available method to decrypt files that have been taken hostage by the 'Systemdown@india.com' Ransomware and other Crysis ransomware variants. Because of this, the best protection against these threats is to ensure that good backups of all files exist on an external device.

How the 'Systemdown@india.com' Ransomware Attack Works

The 'Systemdown@india.com' Ransomware demands a ransom that can vary depending on the victim. The ransom amount may be between $600 and $1800 USD. However, the 'Systemdown@india.com' Ransomware and its variants seem to be targeting businesses and enterprise networks, meaning that the amount of the ransom can be quite inflated depending on the severity of the attack and the profile of the victim.

In most cases, the 'Systemdown@india.com' Ransomware will be first installed when the victim opens a corrupted email attachment. However, other methods have also been associated with the 'Systemdown@india.com' Ransomware: it can be installed by hacking directly into the victim's computer, and it has also been observed on file sharing networks, disguised as popular torrent files. The attack itself is straightforward. In its configuration files, the 'Systemdown@india.com' Ransomware has a list of file extensions. It searches the victim's hard drive for files with these extensions and then uses its sophisticated encryption algorithm to encrypt all files that match these types. The following are some of the file types targeted by the 'Systemdown@india.com' Ransomware and other Crysis variants:

.odc, .odm, .odp, .ods, .odt, .docm, .docx, .doc, .odb, .mp4, sql, .7z, .m4a, .rar, .wma, .gdb, .tax, .pkpass, .bc6, .bc7, .avi, .wmv, .csv, .d3dbsp, .zip, .sie, .sum, .ibank, .t13, .t12, .qdf, .bkp, .qic, .bkf, .sidn, .sidd, .mddata, .itl, .itdb, .icxs, .hvpl, .hplg, .hkdb, .mdbackup, .syncdb, .gho, .cas, .svg, .map, .wmo, .itm, .sb, .fos, .mov, .vdf, .ztmp, .sis, .sid, .ncf, .menu, .layout, .dmp, .blob, .esm, .vcf, .vtf, .dazip, .fpk, .mlx, .kf, .iwd, .vpk, .tor, .psk, .rim, .w3x, .fsh, .ntl, .arch00, .lvl, .snx, .cfr, .ff, .vpp_pc, .lrf, .m2, .mcmeta, .vfs0, .mpqge, .kdb, .db0, .dba, .rofl, .hkx, .bar, .upk, .das, .iwi, .litemod, .asset, .forge, .ltx, .bsa, .apk, .re4, .sav, .lbf, .slm, .bik, .epk, .rgss3a, .pak, .big, wallet, .wotreplay, .xxx, .desc, .py, .m3u, .flv, .js, .css, .rb, .png, .jpeg, .txt, .p7c, .p7b, .p12, .pfx, .pem, .crt, .cer, .der, .x3f, .srw, .pef, .ptx, .r3d, .rw2, .rwl, .raw, .raf, .orf, .nrw, .mrwref, .mef, .erf, .kdc, .dcr, .cr2, .crw, .bay, .sr2, .srf, .arw, .3fr, .dng, .jpe, .jpg, .cdr, .indd, .ai, .eps, .pdf, .pdd, .psd, .dbf, .mdf, .wb2, .rtf, .wpd, .dxg, .xf, .dwg, .pst, .accdb, .mdb, .pptm, .pptx, .ppt, .xlk, .xlsb, .xlsm, .xlsx, .xls, .wps.

Whenever the 'Systemdown@india.com' Ransomware encrypts a file, it drops a ransom note (in the form of a text file) in the directory where the encryption occurred. The 'Systemdown@india.com' Ransomware will also change the affected computer's Desktop Wallpaper image.
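The per-directory ransom note described above leaves a pattern a defender can hunt for: the same small text file, byte for byte, appearing in many directories. The following Python sketch is an added example, not code from the original article or from any security product. The threshold, the size limit, and the placeholder note name are assumptions, and the sample tree is constructed for the demonstration.

```python
import hashlib
import os
import tempfile
from collections import defaultdict


def find_repeated_notes(root, min_dirs=3, max_size=64 * 1024):
    """Return [(filename, sha256, sorted_dirs)] for .txt files whose name and
    content are identical in at least min_dirs different directories."""
    seen = defaultdict(set)  # (lowercased name, content hash) -> directories
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            if not name.lower().endswith(".txt"):
                continue
            path = os.path.join(dirpath, name)
            try:
                if os.path.getsize(path) > max_size:
                    continue  # assumption: a note is small; skip large files
                with open(path, "rb") as fh:
                    digest = hashlib.sha256(fh.read()).hexdigest()
            except OSError:
                continue  # unreadable, or removed while the scan was running
            seen[(name.lower(), digest)].add(dirpath)
    hits = [(n, d, sorted(dirs)) for (n, d), dirs in seen.items()
            if len(dirs) >= min_dirs]
    return sorted(hits, key=lambda h: -len(h[2]))


def build_sample_tree(root):
    """Constructed sample data: a small tree with one repeated note."""
    note = b"Constructed placeholder note text for the demo.\n"
    for sub in ("docs", "photos", os.path.join("docs", "tax")):
        d = os.path.join(root, sub)
        os.makedirs(d, exist_ok=True)
        with open(os.path.join(d, "NOTE_PLACEHOLDER.txt"), "wb") as fh:
            fh.write(note)
    # Benign case: the name repeats, but the content differs per directory.
    for sub, body in (("docs", b"a"), ("photos", b"b"), ("music", b"c")):
        d = os.path.join(root, sub)
        os.makedirs(d, exist_ok=True)
        with open(os.path.join(d, "readme.txt"), "wb") as fh:
            fh.write(body)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for name, digest, dirs in find_repeated_notes(tmp):
            print(f"{name} sha256={digest[:12]} in {len(dirs)} directories")
```

A hit is a lead for triage rather than proof of infection, since software installers and source trees also repeat identical text files across directories.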

PC security analysts strongly advise computer users not to pay the 'Systemdown@india.com' Ransomware's ransom. There is no guarantee that the con artists will keep their word and deliver the decryption key; in fact, there are some reports of computer users who have paid $1000 USD only to be asked to pay $800 USD instead of receiving the decryption key.
