VHDLocker Ransomware
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Threat Level: | 80 % (High) |
Infected Computers: | 12 |
First Seen: | February 21, 2017 |
Last Seen: | February 28, 2020 |
OS(es) Affected: | Windows |
The VHDLocker Ransomware is a ransomware Trojan that is designed to infiltrate the victim's computer and encrypt the victim's files. The VHDLocker Ransomware does this to demand the payment of a ransom from the victim. After encrypting the victim's files, the VHDLocker Ransomware demands payment of 0.5 BitCoin to restore the affected files. Although ransomware Trojans like the VHDLocker Ransomware can be removed with the help of a reliable security program, the files encrypted by the VHDLocker Ransomware will remain encrypted until the victim gains access to the decryption key or a suitable decryption program. Unfortunately, recovering the files encrypted by threats like the VHDLocker Ransomware may be impossible, and computer users will have to rely on file backups and disk images to recover their content.
Table of Contents
There’s Something New on the VHDLocker Ransomware Infection
Although the VHDLocker Ransomware uses an attack that is similar to most ransomware Trojans, the VHDLocker Ransomware receives its name because among the file types that it encrypts, it also targets VHD files or Virtual Hard Disk images. The VHDLocker Ransomware also seems to create an inaccessible virtual hard disk file with the victim's data. These virtual hard disk files are used in software production and corporate computers to create backups. This makes it likely that the people responsible for the VHDLocker Ransomware attack are attempting to target high-profile victims apart from individual computer users. Apart from these files, the VHDLocker Ransomware encrypts a large number of file types on the victims' computers, including configuration files, media files, and common file formats used in documents produced by a wide variety of applications. After encrypting the victim's files, the VHDLocker Ransomware creates a ransom note contained in a text file, which is dropped on the victim's Desktop. This ransom note, named 'PLEASE READ.txt' contains the message below:
'Hello there. You can also use xxxxs://translate.google.com/
I would like to tell you first I'm sorry about that. Your documents, files, database, most are in original places or some moved to your local data. If you want to regain access to your local data please send 0.5 BTC (Bitcoin) to this address: 1AKjQC*** as fast as you can and email me at davidblainemagique@gmail.com If you dont know what bitcoin is, please ask me for bitcoin website that you can buy it fast or search on google for a local Bitcoin shop or ATM and transfer 0.5 BTC to this address: 1AKjQC***
It's not my fault if you are trying to format disk and lose all, encrypted files are not recoverable without bitlocker passoword. Here are only one way to get all back and regain access to your local hard disk drive and this way is to send 0.5 Bitcoin to this address: 1AKjQC***
It's just business not trying to get your money and then to not give your bitlocker password. Only me can give your password to unlock your Locals Disk so this is the only chance to get all back. Waiting for your reply to my email address (davidblainemagique@gmail.com or to my second email in case gmail not work davidblaine@mail2world.com) if you wanna get the bitlocker password.
If you have any questions please feel free to contact me at anytime.
Thanks for your time!
PS: Your files are here on VIRTUAL HARD DISK the location is here
C:\drivers\s.vhd
See here how to open your drive
xxxxs://www.youtube.com/watch?v=m3Pxn23dFuQ'
Dealing with a VHDLocker Ransomware Infection
Unfortunately, like with most ransomware Trojans, it is not possible to decrypt the files that have been affected by the VHDLocker Ransomware attack. Because of this, take preventive measures to ensure that your computer is protected from threats like the VHDLocker Ransomware adequately. The best protection against the VHDLocker Ransomware and similar ransomware is to have file backups of all important files. Computer users that have file backups can recover from aVHDLocker Ransomware attack quickly without needing to pay the ransom since they can simply restore the affected files with the backup copies.
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.