TotalWipeOut Ransomware

By GoldSparrow in Ransomware

The TotalWipeOut Ransomware is an encryption ransomware Trojan. There is very little difference between the TotalWipeOut Ransomware and the numerous other encryption ransomware Trojans currently being used against computer users. The TotalWipeOut Ransomware is designed to use AES and RSA encryption to make the victim's files inaccessible. Although a decryptor for the TotalWipeOut Ransomware has not been released, the TotalWipeOut Ransomware uses a hardcoded encryption key in its attack, which makes it likely that malware researchers will eventually release a decryption program. Meanwhile, it is important to take preventive measures against the TotalWipeOut Ransomware and the many other threats that use an identical attack.

How the TotalWipeOut Ransomware Carries Out Its Attack

The TotalWipeOut Ransomware is delivered to victims through corrupted spam email attachments. Once the TotalWipeOut Ransomware is installed on a computer, it scans the victim's computer for user-generated files and uses AES and RSA encryption to make those files inaccessible. The files typically targeted in these attacks include:

.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr, .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby, .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.

It is possible that the TotalWipeOut Ransomware was originally conceived as a data wiper, a program designed to delete the victim's files completely. The TotalWipeOut Ransomware effectively functions as a data wiper if the criminals do not provide the decryption key (which is precisely what happens with most Trojans of this type, even when victims pay the ransom amount).

The TotalWipeOut Ransomware’s Ransom Demand

The TotalWipeOut Ransomware's ransom demand is contained in a ransom note that replaces the victim's desktop image. The note is displayed over a black background and contains the following text:

'Hello. All of your files may have been encrypted. If this is the case - The price of the decryption tool is 1 XMR / $200'

The TotalWipeOut Ransomware delivers its ransom note in nine different languages: English, Russian, Indonesian, Japanese, Hindi, Turkish, Spanish, Portuguese and Punjabi. The TotalWipeOut Ransomware delivers the same ransom note in a text file named '_______READ_FOR_YOUR_FILES_______.txt', which is dropped on the infected computer's desktop and other locations.
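
A defender-side sweep for the dropped note, given here as an added example that is not part of the original write-up: it searches a directory tree for the file name quoted above, checks each hit for the English ransom text, and reports the affected directories and the earliest note timestamp. The function names are hypothetical, and treating the earliest timestamp as a guide for picking a backup that predates the infection is an assumption.

```python
import os
from datetime import datetime, timezone

# Indicators taken from the write-up above (file name and English note text).
NOTE_NAME = "_______READ_FOR_YOUR_FILES_______.txt"
NOTE_PHRASE = "the price of the decryption tool is 1 xmr"


def find_ransom_notes(root):
    """Walk root and return one record per file whose name matches NOTE_NAME."""
    hits = []
    for dirpath, _dirs, files in os.walk(root, onerror=lambda err: None):
        for name in files:
            if name.lower() != NOTE_NAME.lower():
                continue
            path = os.path.join(dirpath, name)
            try:
                with open(path, "r", encoding="utf-8", errors="replace") as fh:
                    text = fh.read(65536).lower()
                mtime = os.path.getmtime(path)
            except OSError:
                continue  # unreadable file: skip it rather than abort the sweep
            hits.append({
                "path": path,
                # True only when the English wording is present; a name-only
                # hit still deserves a manual look.
                "confirmed": NOTE_PHRASE in text,
                "mtime": datetime.fromtimestamp(mtime, tz=timezone.utc),
            })
    return hits


def summarize(hits):
    """Return affected directories, hit counts and the earliest note time."""
    dirs = sorted({os.path.dirname(h["path"]) for h in hits})
    earliest = min((h["mtime"] for h in hits), default=None)
    confirmed = sum(1 for h in hits if h["confirmed"])
    return {"directories": dirs, "earliest": earliest,
            "confirmed": confirmed, "name_only": len(hits) - confirmed}


if __name__ == "__main__":
    import sys
    start = sys.argv[1] if len(sys.argv) > 1 else "."
    print(summarize(find_ransom_notes(start)))
```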

Dealing with the TotalWipeOut Ransomware Infection

The best protection against threats like the TotalWipeOut Ransomware is to have file backups. File backups enable computer users to recover from a TotalWipeOut Ransomware attack by replacing the encrypted files with the backup copies. Apart from file backups, computer users need to use a security program that is fully up-to-date to protect their machines against any kind of infection.
