'.wtdi File Extension' Ransomware

The '.wtdi File Extension' Ransomware is a encryption ransomware Trojan that is designed to imitate CryptoWall, a well-known ransomware Trojan. The '.wtdi File Extension' Ransomware is written using .NET and has been spotted carrying out attacks against computer users in the wild. The '.wtdi File Extension' Ransomware will add the file extension '.wtdi' to files affected in its attack so that they can be identified easily. The victims of the '.wtdi File Extension' Ransomware attack will see a large message in red bold Cyrillic characters. This is a ransom note written in Russian alerts the victim of the attack and demands the payment of a ransom. The '.wtdi File Extension' Ransomware poses a real threat to the victims' data and threat researchers advise computer users to take steps to protect their computers from the '.wtdi File Extension' Ransomware and other encryption ransomware Trojans preemptively.

How the '.wtdi File Extension' Ransomware may Infect a Computer

The main way in which the '.wtdi File Extension' Ransomware is delivered to victims is through the use of corrupted email spam attachments. These email messages are designed to trick computer users into opening a file attachment that will download and install the '.wtdi File Extension' Ransomware onto their computer. One message used to deliver the '.wtdi File Extension' Ransomware impersonates the DHL shipping company and even includes a fake DHL website to heighten the illusion that the file being downloaded is legitimate. This bogus DHL website will lead to the download of a ZIP file, which will contain the '.wtdi File Extension' Ransomware.

Once the '.wtdi File Extension' Ransomware has reached the victim's computer, it will begin scanning the victim's computer for certain file types, as well as changing the Windows' settings to allow the '.wtdi File Extension' Ransomware to run on start-up automatically and disable various Windows features and programs that could help prevent these attacks. The '.wtdi File Extension' Ransomware is contained in an executable file named CryptoWall.edxe. The '.wtdi File Extension' Ransomware connects to its Command and Control server to relay information about the infected computer and to receive configuration data and instructions.

The '.wtdi File Extension' Ransomware Attack and Its Consequences

During the infection, the '.wtdi File Extension' Ransomware will target a wide variety of file types, looking for files generated by the computer user such as documents, music, videos, audio, archives, databases and many others. The '.wtdi File Extension' Ransomware uses a strong encryption process that prevents the victim from opening the affected files as normal. Once the '.wtdi File Extension' Ransomware has finished encrypting the victim's files, making them unreadable and taking them hostage effectively, the '.wtdi File Extension' Ransomware will deliver its ransom note. The '.wtdi File Extension' Ransomware's ransom note takes the form of a program window containing large red bold letters in Russian over a black background. This message will confuse computer users that do not speak Russian. Below is the translation of the '.wtdi File Extension' Ransomware ransom message:

'In general, litter. But we're a little pissed off and encrypted all your documentation. If you want to decipher them, you need to pay. how
It is said that only the mouse in the mousetrap is free of charge =)) Be nice and
Pay. Or you will not see your files =)
Here is the account number: UNIQUEID
And this is the connection with us: ICQ
We'll say how much will the decoder cost …'

The people responsible for the '.wtdi File Extension' Ransomware attack demand that the victims communicate through ICQ to receive decryption instructions. PC security researchers strongly advise against communicating with the people responsible for the '.wtdi File Extension' Ransomware. This can lead to further infections and problems on the infected computer. Instead, use a reliable security program that is fully up-to-date to protect your computer and have backup copies of your files to facilitate recovery.