Yogynicof Ransomware

Yogynicof Ransomware Description

The Yogynicof Ransomware is a newly spotted data-locker that appears to be somewhat unusual. Like most file-encrypting Trojans, the Yogynicof Ransomware's primary goal is to lock its target's files and extort them for cash.

Propagation and Encryption

However, despite having the same purpose as most data-lockers, the Yogynicof Ransomware also will make sure to rename all the affected data to prevent the users from identifying their files. When the Yogynicof Ransomware infiltrates a computer, it will scan and locate all files that it considers to be of interest. The Yogynicof Ransomware is very likely to target a long list of filetypes, including .png, .jpeg, .jpg, .svg, .gif, .doc, .docx, .txt, .pdf, .mp3, .mid, .wav, .midi, .rar, .zip, .db, .xls, .xlsx, .ppt, .pptx, .mp4, .mov and many others. This means that most of your files would be encrypted securely. Most file-lockers would append an additional extension to the locked files. However, this is not the situation with the Yogynicof Ransomware. This ransomware threat renames the encrypted files by replacing them with consecutive numbers like 1, 2, 3, 4, 5, etc. This strategy prevents the victims from estimating the damage done to their data.

The Ransom Note

Another interesting trait of the Yogynicof Ransomware is that instead of dropping one ransom note on the breached host, it drops twenty identical copies. The only difference between the ransom note copies is the name. The first ransom note is called 'Read-me! 0.html,' while the last one is named 'Read-me! 20.html.' In the ransom message, the attackers demand to be paid $500 in Monero, which is one of the most popular cryptocurrencies available. The creators of the Yogynicof Ransomware offer an email address as a means of contacting them – ‘yogynicof@protonmail.com.'

There is not much of a point in bargaining with cybercriminals. Whether you pay the attackers or not, it is unlikely that you will be provided with a decryptor that will recover your data. This is why it is advisable to download and install a genuine, up-to-date anti-malware utility, which will help you remove the Yogynicof Ransomware from your PC.