.waiting Ransomware Description
The .waiting Ransomware is a highly harmful threat that enciphers the most valuable files on a computer to justify the demand of a ransom to get the decryption ransomware necessary to recover the enciphered data. A computer user infected with the .waiting Ransomware will have a useless machine since their files were totally modified because the .waiting Ransomware has changed their names by adding the file extension '.waiting' to their names. Therefore, if you have a file named '3.notes,' it will be renamed to '3.notes.waiting' after its encryption.
The .waiting Ransomware Ransom Note
Then, the .waiting Ransomware will present the victims with its ransom demands in a ransom note named 'ReadMe.hta' that will appears in a pop-up window in any folder containing the enciphered files. The content of the ransom note informs the victims about why their files are no longer functioning, give them five days to make the ransom payment to avoid their data deletion, and ask the victims to make contact with the crooks handling the .waiting Ransomware via the email address email@example.com or uTox. They also create a unique Id to each victim, which should be used when contacting them so that they can identify the victim. To make the victims believe they have functional decryption software, they offer to decrypt three files for free since they do not contain crucial information and are not bigger than % MB. In the end, they warn the victims that if they try to use other decryption methods, their files will be destroyed for good.
The ransom note does not mention how much they want to receive to provide the decryption application, but you can be sure that it will not be for free. However, no matter if it is a small or a significant amount, sending money to cyber crooks is not an appropriate action, and the victims that do it probably will end up with their precious files enciphered and their bank accounts shorter.
How to Deal with a .waiting Ransomware Infection
Ransomware threats have countless ways to invade a computer without its owner's participation. It wasn't disclosed yet which one was used by the .waiting Ransomware. However, it looks like that it is easier to get infected if you do not have protected your computer sufficiently than get rid of these threats. Therefore, the most recommended way to deal with a .waiting Ransomware infection is to use an updated and trusted anti-malware product to scan your computer, find the .waiting Ransomware and its components, and then wipe it out from the infected machine.