ThunderX Ransomware

ThunderX Ransomware Description

The ThunderX Ransomware is a unique ransomware threat that has not been placed as a part of any previously existing ransomware family yet. Nevertheless, it follows the typical ransomware behavior with little deviation - it uses cryptographical algorithms to encrypt the most popular filetypes, rendering them inaccessible and unusable. Then, ThunderX Ransomware attempts to extort its victims in exchange for the restoration of the affected files.

The most obvious sign that the ThunderX Ransomware has infiltrated your computer is if out of nowhere, all of your files have '.tx_locked' appended to their names as a new extension. The ransom note left by the hackers is dropped as a text file named 'readme.txt.' The file containing the ransom note can be found in every folder with encrypted files.

The hackers warn that the ThunderX Ransomware has the capability to either outright delete or format the default backups of the affected files. Victims are left with two email addresses that they are supposed to use to contact the cybercriminals. The emails are deloneThunder@protonmail.com and ThunderBirdXeX@cock.li. Up to 3 files can be sent for free decryption as a demonstration that the locked data can indeed be restored. The ransom note contains a unique key and victim's ID for each compromised system and both must be included in the email message.

Contacting the criminals behind any ransomware threat, the ThunderX Ransomware is not an exception, is a risky option that could leave the affected users in even bigger troubles.

The full text of the note used by ThunderX Ransomware is:

'Attention! Your network has been locked by ThunderX

Your computers and server are encrypted

For this server all encrypted files have extension: .tx_locked

Follow our instructions below and you will recover all your data

----

You cant open or work with files while it encrypted - we use strongest encryption algorithms

All backups are deleted or formatted, do not worry, we can help you restore your files

The only way to return your files back - contact us and receive decryption program.

Do not worry about guarantees - you can decrypt any 3 files FOR FREE as guarantee

----

Contact us: deloneThunder@protonmail.com or ThunderBirdXeX@cock.li

And attach in first letter this file or just send all info below (copy all info!):

key: -

personal id: -'

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.