'.UNIT09 File Extension' Ransomware

The '.UNIT09 File Extension' Ransomware is an encryption ransomware Trojan that was first observed in the final week of January 2019. The '.UNIT09 File Extension' Ransomware runs as an executable file named 'MewWare' on the victim's computer (and also can be referred by this name by anti-virus software). The '.UNIT09 File Extension' Ransomware behaves like most encryption ransomware Trojans, taking the victim's files hostage and then demanding a ransom payment to restore access to the compromised files.

How the '.UNIT09 File Extension' Ransomware Trojan Affects Your Files

The '.UNIT09 File Extension' Ransomware is typically delivered to the victims via corrupted spam email attachments. When the victims open these unsafe files, the '.UNIT09 File Extension' Ransomware is downloaded and installed. The '.UNIT09 File Extension' Ransomware uses the AES encryption to make the victim's files inaccessible, targeting the user-generated files such as those with the following file extensions:

.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr , .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby , .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, , .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.

The '.UNIT09 File Extension' Ransomware attack marks the compromised files by adding the file extension '.UNIT09', to each file's name. The '.UNIT09 File Extension' Ransomware then delivers a ransom note in the form of a text file named '$!READ ME.txt,' which is dropped on the infected computer's desktop. This ransom note reads as follows:

'Dear [logged in username], Thanks for being a part of UNIT-109
But sadly its time to go. Send $10 in BTC to 1P9NNpNtbhsKaxr2oGkSaqUQb1kB4trS5U
Your files will be unrecoverable after 72 hours. Be quick ?
[random characters]'

Dealing with the '.UNIT09 File Extension' Ransomware Infection

It is not advised to pay the '.UNIT09 File Extension' Ransomware ransom, even though the ransom amount of $10 is lower than the majority of these threats considerably, which generally demand ransoms of hundreds of dollars at least. In many cases, the criminals are merely trying to expose the victims to additional tactics and may have no intention of helping the victims recover their data. The best shield against threats like the '.UNIT09 File Extension' Ransomware is to take preventive measures. The best prevention against these infections is to use an updated security program to prevent the '.UNIT09 File Extension' Ransomware from being installed and have backup copies of all your data stored on an external memory device. Having the capacity to restore any compromised data from a backup copy removes the criminals' leverage, freeing the victim from any need to pay a ransom to recover any lost data, and also is an essential computer security measure.