Topcipher Ransomware

Similar to other popular pieces of ransomware in circulation, the Topcipher Ransomware infects targeted PCs via one or more security holes, rendering your valuable data inaccessible thanks to a strong encryption algorithm. Topcipher is the latest file encryption malware, to join the notorious VoidCrypt Ransomware family. You know you have fallen under Topcipher's grip when you see all your files changing their names via the following pattern:

<filename>.<filetype_extension>.[topcipher24@gmail.com][MJ-GX3965214078].topcipher

The bolded part is the suffix appended to each infected file.

Note! Unlike most ransomware threats, Topcipher does not generate a detailed ransom note. Instead, it creates a small text file named "prvkey*.txt.key" and locates it in the victim's ProgramData folder. While not a classic ransom note per se, the "prvkey*.txt.key" most likely serves as the victim's ID, because the crooks behind Topcipher demand that victims send this file to topcipher24@gmail(dot)com or topcipher@protonmail(dot)com. Only then will they receive an email presumably containing payment instructions and data recovery options.

Ransomware actors should never get what they ask for in a ransom note. Even though they may promise to give a fully-working decryption tool in return for your hard-earned money, we know from experience how unlikely it is for them to fulfill their early promises.

The Topcipher Ransomware may land on your machine as a corrupted email attachment, through unsafe Web links, or via potentially risky file-sharing platforms. Regardless of the infection vector used, the outcome is always as bad as it gets. Unless you back up your data regularly, you risk losing it all in the twinkling of an eye. That's why we never cease to raise awareness about the grave dangers hidden in ransomware and any other malware threats we come across.