Target777 Ransomware

The Target777 Ransomware is an encryption ransomware Trojan. The Target777 Ransomware attacks seem to be distributed in a campaign targeting specific business targets rather than individuals. One aspect of the Target777 Ransomware that has caught the attention of PC security researchers is that the Target777 Ransomware campaign is designed to target specific individuals s, generally because of their role in a business or organization. This is reflected in the Target777 Ransomware's phishing emails and in its ransom notes, which are all personalized.

Some Details about the Target777 Ransomware Attack

Despite the fact that the campaign being used to distribute the Target777 Ransomware is so highly targeted, there is nothing preventing the Target777 Ransomware from being used against the general public or distributed in other ways. At its core, the Target777 Ransomware carries out a typical encryption ransomware attack, using AES encryption to make the victim's files inaccessible and then demanding a ransom payment in exchange for the decryption key needed to restore the affected data. The following are examples of the files that threats like the Target777 Ransomware target in these attacks:

.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr , .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby , .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, , .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.

The Target777 Ransomware delivers a ransom note in the form of a text file named !JustinsBread_ReadMeHowToDeCryptFiles!.txt, which is personalized, with a greeting directed to a specific individual once the victim's files have been encrypted. The Target777 Ransomware ransom note content reads:

'Hello, XXX!
Please, check this message in details and contact a person from IT department.
Your personal computer has been infected by ransomware virus.
All your personal files (confidential and business documents, backups and projects) are encrypted.
If you want to restore your files including your clients personal data, you will need to make the payment.
Otherwise all your files will be posted in the Internet which may lead you to the loss of reputation and cause the troubles for your business.
To show you that we can restore your files any time, we can send you decrypted files (about 50kb).
The rest of the data will be provided to you after the full payment.
Let us know if you have any questions.
Our email address: [xxx]@protonmail.com
If you don't get an answer from us within one day, please, download BitMessage application.
BitMessage homelink: https://bitmessage.org
BitMessage identity: BM-2cUy6rCDbfQhwMLaEur9FCm5YXjehdpWFd'

Protecting Your Data from Threats Like the Target777 Ransomware

The best protection against threats like the Target777 Ransomware is to have file backups stored on the cloud or a detachable memory device. Apart from file backups, PC security researchers strongly recommend the use of a reliable security program. The Target777 Ransomware ransom should not be paid since it is very unlikely that the criminals will return the affected files to normal.