'ungodianact1986@aol.com' Ransomware

The 'ungodianact1986@aol.com' Ransomware is an encryption ransomware Trojan that was first observed on February 7, 2019, by malware researchers. The 'ungodianact1986@aol.com' Ransomware is part of a ransomware family that first appeared in late 2018, which combines elements of two well-known ransomware families, the Crysis Ransomware and the Dharma Ransomware. The 'ungodianact1986@aol.com' Ransomware uses the Crysis' encryption methods but connects to its Command and Control servers with methods based on the Dharma's attack. The 'ungodianact1986@aol.com' Ransomware carries out an effective ransomware attack designed to take the victim's files hostage and then asks for a ransom payment from the victim to restore access to the compromised data.

How the 'ungodianact1986@aol.com' Ransomware Attack Works

The 'ungodianact1986@aol.com' Ransomware use a strong encryption algorithm to make the victim's files inaccessible, adding the file extension '.frend' to each file encrypted by the attack. The 'ungodianact1986@aol.com' Ransomware targets the user-generated files in its attack, which makes them inaccessible. The 'ungodianact1986@aol.com' Ransomware demands a ransom payment from the victim, delivering its ransom note as a text file named 'FILES ENCRYPTED.txt,' which is dropped on the infected computer's desktop once the victim's files have been compromised. The 'ungodianact1986@aol.com' Ransomware's ransom note contains the following text for the victim:

'All your files have been encrypted!
All your files have been encrypted due to a security problem with your PC. If you want to restore them, write us to the e-mail ungodianact1986@aol.com
Writer this ID in the title of your message: [random characters]
You will have to pay for decryption in Bitcoins. The price depends on how fast you write to us. After payment, we will send you the decryption tool that will decrypt all your files.'

The 'ungodianact1986@aol.com' Ransomware will target a wide variety of media files, document types, configuration data, databases, and numerous other user-generated files, which may include files with the following file extensions:

.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr , .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby , .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, , .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.

Dealing with the 'ungodianact1986@aol.com' Ransomware Attack

The 'ungodianact1986@aol.com' Ransomware's ransom should not be paid unless there are no other options. The criminals do not intend to help the victims to recover from the attack and will often ignore the payment or target the payers with additional tactics. Unfortunately, after the 'ungodianact1986@aol.com' Ransomware has encrypted the files, they cannot be recovered without the decryption key. Because of this, the best protection against the 'ungodianact1986@aol.com' Ransomware and the many ransomware Trojans that carry these attacks is to have backup copies of your files, which should be saved in a highly protected location such as the cloud or on an external device. Apart from file backups, computer users should use a security program that is fully up-to-date.