Threat Database Ransomware ‘Unlock11@protonmail.com' Ransomware

‘Unlock11@protonmail.com' Ransomware

By GoldSparrow in Ransomware

Malware researchers have come upon another emerging data-locking Trojan recently. This threat is called the ‘Unlock11@protonmail.com’ Ransomware. This malware does not seem to belong to any of the famous ransomware families.

It is not confirmed what infection vectors are employed in propagating the ‘Unlock11@protonmail.com’ Ransomware. However, it is likely that the creators of the ‘Unlock11@protonmail.com’ Ransomware may be relying on spam emails containing corrupted attachments, faux application updates, and infected pirated software to spread their threat. Once a system is infiltrated by the ‘Unlock11@protonmail.com’ Ransomware, the threat would begin a scan. The scan is meant to determine the locations of the files, which the ‘Unlock11@protonmail.com’ Ransomware is targeting. Then, the ‘Unlock11@protonmail.com’ Ransomware would start encrypting the targeted data.

Once a file is locked by the ‘Unlock11@protonmail.com’ Ransomware, it will add an extra extension – ‘[Unlock11@protonmail.com].enc.’ This means that if this threat encrypts a file named ‘white-possum.jpg,’ it will change the name of the affected file to ‘white-possum.jpg.[Unlock11@protonmail.com].enc.’ When the encryption process is through, the ‘Unlock11@protonmail.com’ Ransomware will drop its ransom note. The note is named ‘ReadMeToDecrypte.txt.’ In the note, the attackers claim to have used the AES-128 and RSA-2048 encryption algorithms. They also offer to unlock three files for free, as long as they do not exceed 5MB in size. However, the attackers do not mention what the ransom fee required is. They do give out an email address where they are meant to be contacted – ‘Unlock11@protonmail.com.’

We recommend strongly that you keep your distance from cybercriminals like the ones responsible for the ‘Unlock11@protonmail.com’ Ransomware. These are shady individuals who are not to be trusted. A safer approach is to make sure you download and install a legitimate anti-malware application and have it wipe the ‘Unlock11@protonmail.com’ Ransomware off of your system.

Trending

Most Viewed

Loading...