Threat Database Ransomware '.twist File Extension' Ransomware

'.twist File Extension' Ransomware

By GoldSparrow in Ransomware

Malware researchers first reported the '.twist File Extension' Ransomware, an encryption ransomware Trojan, in February 2018. The '.twist File Extension' Ransomware is nearly identical to many other encryption ransomware Trojans that are part of the HiddenTear family of threats. The '.twist File Extension' Ransomware, like other ransomware Trojans, uses a strong encryption algorithm to make the victim's files inaccessible, then adds the file extension '.twist' to the end of each file's name. The '.twist File Extension' Ransomware is being delivered via compromised spam email attachments. Victims may receive an email message with a DOCX file attachment. This file will contain a damaged macro script that downloads and installs the '.twist File Extension' Ransomware onto the victim's computer.

The Twisted Intentions of the '.twist File Extension' Ransomware's Creators

The '.twist File Extension' Ransomware carries out a typical ransomware attack using the AES 256 encryption to make the victim's files inaccessible. The '.twist File Extension' Ransomware will target a wide variety of the user-generated files, which will include music, video, images, and numerous document types. The following file types are commonly targeted by these attacks:

.3dm, .3g2, .3gp, .7zip, .aaf, .accdb, .aep, .aepx, .aet, .ai, .aif, .as, .as3, .asf, .asp, .asx, .avi, .bmp, .c, .class, .cpp, .cs, .csv, .dat, .db, .dbf, .doc, .docb, .docm, .docx, .dot, .dotm, .dotx, .dwg, .dxf, .efx, .eps, .fla, .flv, .gif, .h, .idml, .iff, .indb, .indd, .indl, .indt, .inx, .jar, .java, .jpeg, .jpg, .js, .m3u, .m3u8, .m4u, .max, .mdb, .mid, .mkv, .mov, .mp3, .mp4, .mpa, .mpeg, .mpg, .msg, .pdb, .pdf, .php, .plb, .pmd, .png, .pot, .potm, .potx, .ppam, .ppj, .pps, .ppsm, .ppsx, .ppt, .pptm, .pptx, .prel, .prproj, .ps, .psd, .py, .ra, .rar, .raw, .rb, .rtf, .sdf, .sdf, .ses, .sldm, .sldx, .sql, .svg, .swf, .tif, .txt, .vcf, .vob, .wav, .wma, .wmv, .wpd, .wps, .xla, .xlam, .xll, .xlm, .xls, .xlsb, .xlsm, .xlsx, .xlt, .xltm, .xltx, .xlw, .xml, .xqx, .xqx, .zip.

Threats like the '.twist File Extension' Ransomware target the user-generated files while avoiding the Windows system files and applications because they require the victim to be able to connect to the Internet and use the affected PC to send a ransom payment in exchange for the decryption key necessary to restore the affected files.

The '.twist File Extension' Ransomware Ransom Demand

The '.twist File Extension' Ransomware will disable any characteristics of the Windows operating system that could help victims recover their files, including the Shadow Volume copies and the System Restore points in its attack. The '.twist File Extension' Ransomware marks the files encrypted by the attack adding the file extension '.twist' to any affected file's name, also adding the string '.[twist@airmail.cc].twist' occasionally, which also includes the '.twist File Extension' Ransomware's email contact address. The '.twist File Extension' Ransomware delivers a ransom note in the form of a text file named 'How_Decrypt_Files.txt,' which is dropped on various locations of the infected computer. The entire text of the '.twist File Extension' Ransomware ransom note reads:

'Hello !
All your files have been encrypted !
If you want restore your files write on email - twist@airmail.cc
In the subject write - id-[RANDOM CHARACTERS]'

Computer users are counseled to refrain from paying the '.twist File Extension' Ransomware ransom amount or contacting the people responsible for the '.twist File Extension' Ransomware attack. In the case of the '.twist File Extension' Ransomware and other ransomware encryption Trojans, the best path is to take preemptive action against this threat.

Protecting Your Data from the '.twist File Extension' Ransomware

Malware researchers advise having file backups on the cloud or an external memory device. A security app that is fully up-to-date also is a must-have. To prevent the '.twist File Extension' Ransomware infections, it is also important to handle unsolicited email attachments and other possible infection sources with caution. A careful online behavior, connected with reliable security software and file backups are the best protection against threats like the '.twist File Extension' Ransomware.

Trending

Most Viewed

Loading...