
'Xbotcode@gmail.com' Ransomware

By GoldSparrow in Ransomware

The 'Xbotcode@gmail.com' Ransomware is a ransomware Trojan that is being used to trick computer users. The 'Xbotcode@gmail.com' Ransomware is being sold on the Dark Web. PC security researchers named the 'Xbotcode@gmail.com' Ransomware after the email address that is used to contact its developers. Some anti-virus programs will detect the 'Xbotcode@gmail.com' Ransomware as the 'Source Code' Ransomware because its source code is freely available in several different versions. The 'Xbotcode@gmail.com' Ransomware is being offered to con artists as a RaaS (Ransomware as a Service) platform that allows anyone to create ransomware campaigns and profit at the expense of victims around the world. With a botnet to distribute the 'Xbotcode@gmail.com' Ransomware and a packager, carrying out ransomware attacks becomes quite simple, which is a worrying development for PC security specialists.

Another Ransomware from an 'Educational Project'

The 'Xbotcode@gmail.com' Ransomware's code is based on the EDA2 project. EDA2 is an open source ransomware platform that was initially released for 'educational purposes.' Unfortunately, the easy availability of this code allowed numerous con artists to create ransomware campaigns based on this corrupted code. The EDA2 platform was devastating, forming a large part of ransomware campaigns in 2016. As much as 15% of all ransomware Trojans released in 2016 may be based on the EDA2 code. However, the 'Xbotcode@gmail.com' Ransomware is one of the few RaaS implementations of this threat, which has been a relatively uncommon approach to the use of this family of ransomware Trojans. According to the advertising associated with the 'Xbotcode@gmail.com' Ransomware, the following features are offered to clients wanting to hire the developers of the 'Xbotcode@gmail.com' Ransomware to carry out a ransomware campaign:

Source Code Decrypter Ransomware - $95
Code Macro Microsoft Office (Word, Excel) - $30
Code Macro Javascript Bash (.js) - $30
Code Update Virus Program - $49
Support (Setup C&C, SMTP Server,...) - $99
Setup .Onion & Gateway (Bitcoin, PM) - $149
Source Code Botnet - $190
Add-on - Code Macro Microsoft Office (Word, Excel) - $30
Add-on - Code Macro Javascript Bash (.js) - $30
Add-on - Code Update Virus Program - $49
Support 1 year (Setup C&C, SMTP, Domain) - $99

The Premium Plan for the 'Source Code' Ransomware Costs Nearly $650

How the 'Xbotcode@gmail.com' Ransomware Attack is Carried Out

There are several ways in which the 'Xbotcode@gmail.com' Ransomware can be distributed. The 'Xbotcode@gmail.com' Ransomware may be distributed as a corrupted PDF or Microsoft Word file. These corrupted files take advantage of vulnerabilities in macros that allow con artists to execute corrupted code on the victim's computer. Once the 'Xbotcode@gmail.com' Ransomware has been delivered to the victim's computer, it will scan the victim's drives and encrypt files in the following formats:

.docm, .docx, .dot, .dotm, .dotx, .dox, .dpk, .dpl, .dpr, .dsk, .dsp, .dvd, .dvi, .dvx, .dwg, .dxe, .dxf, .dxg, .elf, .epk, .eps, .eql, .erf, .err, .esm, .euc, .evo, .ex, .exif, .f90, .faq, .fcd, .fdr, .fds, .ff, .fla, .flac, .flp, .flv, .for, .forge, .fos, .fpk, .fpp, .fsh, .gam, .gdb, .gho, .gif, .grf, .gthr, .gz, .gzig, .gzip, .h3m, .h4r, .hkdb, .hkx, .hplg, .htm, .html, .hvpl, .ibank, .icxs, .idx, .ifo, .img, .indd.

Protecting Your Computer Against the 'Xbotcode@gmail.com' Ransomware

The best protection against the 'Xbotcode@gmail.com' Ransomware is to back up all files regularly. The 'Xbotcode@gmail.com' Ransomware works by encrypting its victim's files with a strong encryption algorithm and then demanding that the victim pay a large ransom in exchange for the decryption key. If the victim can easily recover the affected files from a backup, then the con artists no longer have any way to force computer users to pay, essentially making the entire attack ineffective. Apart from having file backups, computer users can prevent the 'Xbotcode@gmail.com' Ransomware from entering their computers by handling email with caution and never opening unsolicited email attachments or embedded links. A reliable security program that is fully up-to-date also can be used to intercept the 'Xbotcode@gmail.com' Ransomware threat before it begins its attack.
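
One way to check the backup advice above against the file formats listed on this page, as an added example that is not part of the original article: it reports every file in a targeted format that has no backup copy or whose backup is older than the live file. The function names, the mirrored directory layout and the sample files are assumptions constructed for illustration.

```python
import os
import tempfile
from pathlib import Path

# File formats this page lists as targeted for encryption.
TARGETED = {"." + e for e in """
docm docx dot dotm dotx dox dpk dpl dpr dsk dsp dvd dvi dvx dwg dxe dxf dxg
elf epk eps eql erf err esm euc evo ex exif f90 faq fcd fdr fds ff fla flac
flp flv for forge fos fpk fpp fsh gam gdb gho gif grf gthr gz gzig gzip h3m
h4r hkdb hkx hplg htm html hvpl ibank icxs idx ifo img indd
""".split()}

def audit_backup(source_root, backup_root):
    """Return {relative_path: reason} for targeted files lacking a usable backup.

    Assumes the backup mirrors the source tree's relative paths.
    """
    source_root, backup_root = Path(source_root), Path(backup_root)
    gaps = {}
    for path in source_root.rglob("*"):
        if not path.is_file() or path.suffix.lower() not in TARGETED:
            continue
        rel = path.relative_to(source_root)
        copy = backup_root / rel
        if not copy.is_file():
            gaps[rel.as_posix()] = "missing"   # never backed up
        elif copy.stat().st_mtime < path.stat().st_mtime:
            gaps[rel.as_posix()] = "stale"     # edited since last backup
    return gaps

def demo():
    """Audit a constructed sample tree (made-up file names and contents)."""
    with tempfile.TemporaryDirectory() as tmp:
        src, bak = Path(tmp, "docs"), Path(tmp, "backup")
        for root in (src, bak):
            (root / "cad").mkdir(parents=True)
        for rel in ("report.docx", "cad/plan.DWG", "notes.txt", "site.html"):
            (src / rel).write_text("sample")
        for rel in ("report.docx", "site.html"):
            (bak / rel).write_text("sample")
        # report.docx was edited after its backup; site.html's backup is current.
        os.utime(bak / "report.docx", (1_000_000, 1_000_000))
        os.utime(src / "report.docx", (2_000_000, 2_000_000))
        os.utime(src / "site.html", (1_000_000, 1_000_000))
        os.utime(bak / "site.html", (2_000_000, 2_000_000))
        return audit_backup(src, bak)

if __name__ == "__main__":
    for rel, reason in sorted(demo().items()):
        print(f"{reason:8} {rel}")
```

Files flagged as stale or missing are the ones that could not be fully recovered from the backup if they were encrypted.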
