
Todarius Ransomware

By GoldSparrow in Ransomware

The Todarius Ransomware is a ransomware threat that security experts detected at the end of April 2019. On inspection, malware researchers found that the Todarius Ransomware is a variant of the infamous STOP Ransomware, which is itself a threat that emerged fairly recently.

It is not known how this file-encryption Trojan is being spread, but experts speculate that the usual methods are involved: spam email campaigns, fraudulent update requests and infected pirated software. If the Todarius Ransomware succeeds in infiltrating your system, it will scan your data for the file types it is meant to target. Normally, these are the most common file types that regular users have on their machines, such as .mp3, .jpeg, .doc, .pdf, .gif and .mov. This is done to ensure maximum damage.

After scanning and picking its targets, the Todarius Ransomware begins the next step, the encryption process. Files look different after encryption: their names are altered because the Todarius Ransomware appends its own extension, '.todarius'. For example, a file originally named 'plastic-bag.jpg' would be called 'plastic-bag.jpg.todarius' after the Todarius Ransomware locks it, and you will be unable to open it or use it in any manner.

The next step of the attack is dropping the ransom note. The Todarius Ransomware's ransom note appears under the name '_readme.txt'. It does not state the sum demanded by the attackers, but it does provide the victim with two email addresses where they can contact the authors of the Todarius Ransomware and get more information: gorentos@bitmessage.ch and vengisto@firemail.cc.
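To scope how much of a disk was affected, the indicators described above (the '.todarius' extension, the '_readme.txt' note and its two contact addresses) can be checked with a short script. This is an added example, not code from the original article; the function names are hypothetical, the sample tree is constructed, and it assumes a genuine note mentions at least one of the two addresses, which separates it from an unrelated file that happens to be called '_readme.txt'.

```python
import os
import tempfile

# Indicators taken from the description above.
ENCRYPTED_SUFFIX = ".todarius"
NOTE_NAME = "_readme.txt"
CONTACTS = ("gorentos@bitmessage.ch", "vengisto@firemail.cc")


def is_ransom_note(path):
    """A file named _readme.txt counts only if it cites a listed contact address."""
    try:
        with open(path, "r", errors="ignore") as fh:
            text = fh.read(65536).lower()
    except OSError:
        return False  # unreadable or missing file: cannot confirm
    return any(addr in text for addr in CONTACTS)


def triage(root):
    """Walk root; return locked files (with original names) and ransom notes."""
    report = {"locked": [], "notes": [], "unconfirmed_notes": []}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if name.lower().endswith(ENCRYPTED_SUFFIX) and len(name) > len(ENCRYPTED_SUFFIX):
                # Original name is the locked name minus the appended extension.
                report["locked"].append((full, name[: -len(ENCRYPTED_SUFFIX)]))
            elif name.lower() == NOTE_NAME:
                report["notes" if is_ransom_note(full) else "unconfirmed_notes"].append(full)
    return report


def build_sample_tree():
    """Constructed sample data: one locked file, one note, one benign _readme.txt."""
    root = tempfile.mkdtemp(prefix="todarius_demo_")
    for rel, body in [
        ("pics/plastic-bag.jpg.todarius", "\x00"),
        ("pics/_readme.txt", "contact: gorentos@bitmessage.ch"),
        ("project/_readme.txt", "Build instructions for this project."),
    ]:
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write(body)
    return root


if __name__ == "__main__":
    print(triage(build_sample_tree()))
```

Run `triage()` against a read-only mount or a copy of the affected volume so the scan itself does not alter file timestamps.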

It is strongly advisable that you do not get in touch with the cybercriminals. They tend to promise a lot and deliver nothing, so it is likely they will scam you out of your cash and leave you empty-handed. Instead, download and install a reputable anti-malware app and have it wipe the Todarius Ransomware off your system. You can then attempt to recover some of the locked data using third-party file recovery software.
