YafunnLocker Ransomware

The YafunnLocker Ransomware is a ransomware Trojan that was first observed in November of 2016 by PC security analysts. Security analysts recommend that computer users take steps to protect their computers from the YafunnLocker Ransomware and the many other ransomware Trojans that are active in the wild currently. The YafunnLocker Ransomware carries out its attack by using an advanced encryption algorithm to lock the victim's data. The YafunnLocker Ransomware may be distributed through the use of corrupted advertisements and links that lead computer users to websites containing an exploit kit. The RIG Exploit Kit, in particular, has been associated with recent YafunnLocker Ransomware attacks. The YafunnLocker Ransomware is based on the TeslaCrypt encryption ransomware Trojan, which was no longer developed after Spring of 2016. The YafunnLocker Ransomware has been associated with the email address YAFUNN@YAHOO.COM, from where it gets its name. However, PC security researchers have associated a variety of other email addresses with the YafunnLocker Ransomware, including 'bortanofe@hotmail.com' and 'framozes@yandex.ru.'

There's not Any Fun in the YafunnLocker Ransomware Attack

The YafunnLocker Ransomware ransom note claims that the YafunnLocker Ransomware uses the RSA-2048 encryption to encrypt the victim's data. However, the YafunnLocker Ransomware uses an AES-256 encryption algorithm. Regardless of the encryption type used. However, the files that have been encrypted by the YafunnLocker Ransomware cannot be decrypted without the PC user having access to the decryption key, which the con artists will hold in their possession until the victim pays a large ransom. The YafunnLocker Ransomware is a variant of numerous other ransomware Trojans active currently – in fact, most ransomware Trojans are so similar that it becomes almost impossible to distinguish them from one to another in any meaningful way.

The files encrypted by the YafunnLocker Ransomware are easy to spot: the YafunnLocker Ransomware will add the extension '.{8}_luck' to each file that has been compromised. The YafunnLocker Ransomware attack is fairly typical of an encryption ransomware Trojan, scanning the victim's drives for certain file types (usually media, images, databases and Office documents) and then encrypting them so that they are no longer accessible. The YafunnLocker Ransomware drops a text file with the instructions for the victim. This file, named '@WARNING_FILES_ARE_ENCRYPTED.txt,' is dropped in every directory where the YafunnLocker Ransomware encrypted data, as well as on the victim's Desktop. The contents of the YafunnLocker Ransomware ransom note are displayed below:

'A T T E N T I O N !
YOUR PERSONAL FILES ARE ENCRYPTED!
PERSONADAL ID: [EIGHT RANDOM CHARACTERS]
Your important files encryption produced on this computer: photos, videos, documents, etc. Here is a complete list of encrypted files, and you can personally verify this. Encryption was produced using a unique public key RSA-2048 generated for this computer.
If you see this text bu don't see Decryptor wizard window - please, disable any Firewalls and antivirus products.
You have 72 hours for payment.
After this time the private key will be destroyed.
For more info and support, please, contact us at this email address:
YAFUNN@YAHOO.COM'

Do not Pay the YafunnLocker Ransomware Ransom

Malware analysts do not recommend that computer users pay the YafunnLocker Ransomware ransom. In most cases, it is equally likely that the people responsible for the YafunnLocker Ransomware attack may ask for more money or ignore the victim altogether. Rather, computer users are advised to protect their data by creating regular backups of their data. If computer users have backups of their data, then the creators of the YafunnLocker Ransomware and other encryption ransomware have no leverage to ask for ransom. In fact, this is the single best measure that computer users can take to prevent the YafunnLocker Ransomware and other ransomware attacks and, in the long run, make these attacks so ineffective that they may end altogether. In an age where cloud storage is so freely available and inexpensive and where external memory devices have increased substantially in capacity, there is no reason to not backup data regularly.