Threat Database Ransomware TBlocker Ransomware

TBlocker Ransomware

By GoldSparrow in Ransomware

The TBlocker Ransomware is an encryption ransomware Trojan that was first observed in mid-February of 2018. Encryption ransomware Trojans like the TBlocker Ransomware are designed to take the victims' files hostage to demand a ransom payment. This is done through a lock screen and by encrypting victim's files with a strong encryption algorithm. The TBlocker Ransomware is delivered to its victims via the use of corrupted spam email attachments. The victims will receive an email message with a compromised Microsoft Word file attachment, which will use macro scripts to set up the TBlocker Ransomware onto the infected computer. Fortunately, it is possible for the victims of the TBlocker Ransomware attack recover their files, which is not the case with the majority of encryption ransomware Trojans that are being used to carry out attacks on computer users currently.

There's is a Solution for PCs Attacked by the TBlocker Ransomware

Ransomware Trojans like the TBlocker Ransomware use an encryption algorithm to make the victim's files inaccessible. The TBlocker Ransomware will add the character '_' to the end of each affected file's extension, making it simple to know which files have been compromised by the TBlocker Ransomware attack. The TBlocker Ransomware will target the user-generated files below a certain file size on the infected computer. The TBlocker Ransomware chooses various file types in its attack, which include videos, audio, texts, and numerous document type formats. The following are some of the file types that are commonly affected by attacks like the TBlocker Ransomware:

.3dm, .3g2, .3gp, .7zip, .aaf, .accdb, .aep, .aepx, .aet, .ai, .aif, .as, .as3, .asf, .asp, .asx, .avi, .bmp, .c, .class, .cpp, .cs, .csv, .dat, .db, .dbf, .doc, .docb, .docm, .docx, .dot, .dotm, .dotx, .dwg, .dxf, .efx, .eps, .fla, .flv, .gif, .h, .idml, .iff, .indb, .indd, .indl, .indt, .inx, .jar, .java, .jpeg, .jpg, .js, .m3u, .m3u8, .m4u, .max, .mdb, .mid, .mkv, .mov, .mp3, .mp4, .mpa, .mpeg, .mpg, .msg, .pdb, .pdf, .php, .plb, .pmd, .png, .pot, .potm, .potx, .ppam, .ppj, .pps, .ppsm, .ppsx, .ppt, .pptm, .pptx, .prel, .prproj, .ps, .psd, .py, .ra, .rar, .raw, .rb, .rtf, .sdf, .sdf, .ses, .sldm, .sldx, .sql, .svg, .swf, .tif, .txt, .vcf, .vob, .wav, .wma, .wmv, .wpd, .wps, .xla, .xlam, .xll, .xlm, .xls, .xlsb, .xlsm, .xlsx, .xlt, .xltm, .xltx, .xlw, .xml, .xqx, .xqx, .zip.

The TBlocker Ransomware's Ransom Demand

The TBlocker Ransomware will deliver a lock screen with a ransom demand of 250 USD after encrypting the victim's files. The message displayed on the victim's computer reads:

'Ooooops!!
Device blocked by TBlocker

All your files have been encrypted with a key that we only have.
If you want to retrieve the files pay by bitcoin to:
[bitcoin wallet address redacted] the sum of $ 250.
The system has been compromised, it is not possible to exit.

Time Left: [Timer counts down the time]

At the expiration of time all your files will be made public on the internet
and the PC will be permanently locked.'

Computer users can recover from a TBlocker Ransomware attack by using the string '580933' and the password 'Password.' Computer users shouldn't follow the instructions in the TBlocker Ransomware ransom note or pay the ransom amount. Instead of doing this, it is advised to use a reliable security program that is fully up-to-date to remove the TBlocker Ransomware infection itself. In most ransomware Trojan attacks it is not possible to restore the files encrypted by the attack, unlike the TBlocker Ransomware. Because of this, the best preemptive measure against these attacks is to have file backups on an easily accessible and secure source. Malware researchers advise computer users to create backup copies of their files either on the cloud or an external memory device. This way, in the event of an encryption ransomware attack, the victims can restore their files from the backup (since in most cases, a decryption password is not available readily).

Related Posts

Trending

Most Viewed

Loading...