'X280@protonmail.com' Ransomware Description
The 'email@example.com' Ransomware is among the newest ransomware threats spotted by experts. In the past few years, there has been a growing interest in data-locking Trojans as they are simple to build (provided that one borrows readily available code from other ransomware threats) and easy to propagate.
Propagation and Encryption
Upon studying the 'firstname.lastname@example.org' Ransomware, researchers found that this file-encrypting Trojan belongs to the Estemani Ransomware family. It is likely that the authors of the 'email@example.com' Ransomware are taking advantage of macro-laced attachments to spread this Trojan via email. Some experts believe that the 'firstname.lastname@example.org' Ransomware also may be propagated via bogus pirated copies of popular applications and fraudulent software updates. The 'email@example.com' Ransomware will make sure to scan your data and locate the file types, which it was programmed to target. Ransomware threats often go after most popular files such as .mp4, .jpeg, .png, .doc, .ppt, .pdf, .mp3, .mov, etc. because most users have these files on their systems. Next, the 'firstname.lastname@example.org' Ransomware will begin locking all the data that was targeted. When ransomware threats lock a file, they usually append a new extension at the end of the filename. However, the 'email@example.com' Ransomware encrypts the targeted files without adding an extension to their names.
The Ransom Note
When the encryption process is completed, the 'firstname.lastname@example.org' Ransomware will drop a ransom note called '@_READ_TO_RECOVER_FILES_@.txt.' Often, cyber crooks use all caps and even special symbols when naming ransom notes to ensure that the name catches the attention of the user. In the note, the attackers state that the ransom fee is 1.5 Bitcoin ($12,300 approximately at the time of typing this post). They also claim that attempts to decrypt the locked data with third-party software are 'futile.' The attackers expect the victims to contact them via email – 'email@example.com.'
It is certainly not a good idea to give your hard-earned cash to cybercriminals. Not only will you fund their criminal activity, but they are likely to trick you and never send the decryption key you need to unlock your data. It is far safer to download and install a genuine anti-malware application, which will take care of the 'firstname.lastname@example.org' Ransomware for you and keep your system secure in the future. You also can try to recover some of the data by using a file-recovery solution.
Do You Suspect Your PC May Be Infected with 'X280@protonmail.com' Ransomware & Other Threats? Scan Your PC with SpyHunterSpyHunter is a powerful malware remediation and protection tool designed to help provide PC users with in-depth system security analysis, detection and removal of a wide range of threats like 'X280@protonmail.com' Ransomware as well as a one-on-one tech support service. Download SpyHunter's FREE Malware Remover
Security Doesn't Let You Download SpyHunter or Access the Internet?Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
- Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
- Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
- Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
- IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.