'Yourencrypter@protonmail.ch' Ransomware

By GoldSparrow in Ransomware

The 'Yourencrypter@protonmail.ch' Ransomware is an encryption ransomware Trojan built with TeslaWare, a Ransomware as a Service (RaaS) platform that has been observed behind earlier encryption ransomware Trojans. PC security researchers noted several variants of this threat being released in the summer of 2018, each a few weeks apart. The 'Yourencrypter@protonmail.ch' Ransomware was first observed on August 3, 2018.

How the 'Yourencrypter@protonmail.ch' Ransomware Trojan will Affect Your Files

The 'Yourencrypter@protonmail.ch' Ransomware Trojan carries out a fairly typical encryption ransomware attack. It is designed to take the victim's files hostage using a strong encryption algorithm and then demand a ransom payment in exchange for a decryption key, which is the only way to decrypt the affected data. The 'Yourencrypter@protonmail.ch' Ransomware uses AES-256 encryption to make the victim's files inaccessible and targets a variety of file types, including media files, images, documents, databases, configuration files, websites and numerous others. The files that are targeted in attacks like the 'Yourencrypter@protonmail.ch' Ransomware include:

.ebd, .jbc, .pst, .ost, .tib, .tbk, .bak, .bac, .abk, .as4, .asd, .ashbak, .backup, .bck, .bdb, .bk1, .bkc, .bkf, .bkp, .boe, .bpa, .bpd, .bup, .cmb, .fbf, .fbw, .fh, .ful, .gho, .ipd, .nb7, .nba, .nbd, .nbf, .nbi, .nbu, .nco, .oeb, .old, .qic, .sn1, .sn2, .sna, .spi, .stg, .uci, .win, .xbk, .iso, .htm, .html, .mht, .p7, .p7c, .pem, .sgn, .sec, .cer, .csr, .djvu, .der, .stl, .crt, .p7b, .pfx, .fb, .fb2, .tif, .tiff, .pdf, .doc, .docx, .docm, .rtf, .xls, .xlsx, .xlsm, .ppt, .pptx, .ppsx, .txt, .cdr, .jpe, .jpg, .jpeg, .png, .bmp, .jiff, .jpf, .ply, .pov, .raw, .cf, .cfn, .tbn, .xcf, .xof, .key, .eml, .tbb, .dwf, .egg, .fc2, .fcz, .fg, .fp3, .pab, .oab, .psd, .psb, .pcx, .dwg, .dws, .dxe, .zip, .zipx, .7z, .rar, .rev, .afp, .bfa, .bpk, .bsk, .enc, .rzk, .rzx, .sef, .shy, .snk, .accdb, .ldf, .accdc, .adp, .dbc, .dbx, .dbf, .dbt, .dxl, .edb, .eql, .mdb, .mxl, .mdf, .sql, .sqlite, .sqlite3, .sqlitedb, .kdb, .kdbx, .1cd, .dt, .erf, .lgp, .md, .epf, .efb, .eis, .efn, .emd, .emr, .end, .eog, .erb, .ebn, .ebb, .prefab, .jif, .wor, .csv, .msg, .msf, .kwm, .pwm, .ai, .eps, .abd, .repx, .oxps, .dot.

The 'Yourencrypter@protonmail.ch' Ransomware marks the files it encrypts by adding the file extension '[id-].[yourencrypter@protonmail.ch].<3 random chars>' to each affected file. It then delivers a ransom note in the form of a text file dropped on the infected computer's desktop. The ransom note file, named 'ID_CLIENT_yourencrypter@protonmail.ch.txt', tells the victim to contact the criminals via email and demands a large ransom to be paid in Bitcoin. PC security specialists strongly advise computer users not to pay the 'Yourencrypter@protonmail.ch' Ransomware ransom, since the criminals responsible for these attacks will rarely keep their word. Furthermore, paying the ransom allows the criminals responsible for the 'Yourencrypter@protonmail.ch' Ransomware to continue creating and distributing threats like it. Computer users who pay these ransoms are also likelier to become infected with future versions of attacks like these, since the criminals will often target computer users who have shown a willingness to pay once.
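The two file-system markers described above (the appended extension and the ransom note name) are enough to scope an infection during triage. The script below is an added example, not code from the original report: it walks a directory tree, lists marked files with their recovered original names and counts them by original extension, without opening or changing any file. The function names are hypothetical, and because the report does not spell out the id portion of the extension, the matcher treats it loosely and assumes the three-character tail contains no dot.

```python
import os
import re
import sys
from collections import Counter

MARKER = "yourencrypter@protonmail.ch"
NOTE_NAME = "ID_CLIENT_" + MARKER + ".txt"   # ransom note name given on the page

# Page pattern: '[id-].[yourencrypter@protonmail.ch].<3 random chars>'.
# The id portion is not spelled out on the page, so it is matched loosely and
# treated as optional; the 3-character tail is assumed to contain no dot.
SUFFIX_RE = re.compile(
    r"(?:\.?\[id-[^\]]*\])?\.\[" + re.escape(MARKER) + r"\]\.[^.\[\]]{3}$",
    re.IGNORECASE,
)


def classify(filename):
    """Return ('note', None), ('encrypted', original_name) or (None, None)."""
    if filename.lower() == NOTE_NAME.lower():
        return "note", None
    m = SUFFIX_RE.search(filename)
    if m and m.start() > 0:
        return "encrypted", filename[: m.start()]
    return None, None


def scan(root):
    """Walk root and summarise indicators without opening or modifying files."""
    report = {"notes": [], "encrypted": [], "by_ext": Counter(), "dirs": Counter()}
    for dirpath, _dirs, files in os.walk(root, onerror=lambda e: None):
        for name in files:
            kind, original = classify(name)
            if kind == "note":
                report["notes"].append(os.path.join(dirpath, name))
            elif kind == "encrypted":
                report["encrypted"].append((os.path.join(dirpath, name), original))
                report["by_ext"][os.path.splitext(original)[1].lower()] += 1
                report["dirs"][dirpath] += 1
    return report


if __name__ == "__main__":
    result = scan(sys.argv[1] if len(sys.argv) > 1 else ".")
    print(f"ransom notes: {len(result['notes'])}, marked files: {len(result['encrypted'])}")
    for ext, count in result["by_ext"].most_common():
        print(f"  {ext or '(none)'}: {count}")
    for path, original in result["encrypted"]:
        print(f"  {path} (original name: {original})")
```

Run it against a mounted copy or image of the affected volume so the inventory can be compared with backups before any restore.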

Dealing with the 'Yourencrypter@protonmail.ch' Ransomware Attack

Although in most cases the victims of threats like the 'Yourencrypter@protonmail.ch' Ransomware will have no recourse to recover their files, malware researchers have received reports that the files encrypted by the 'Yourencrypter@protonmail.ch' Ransomware's attack are recoverable. PC security experts advise computer users to take steps to check whether they can recover the files encrypted by the 'Yourencrypter@protonmail.ch' Ransomware. However, since in most cases this is not possible, the best protection against threats like the 'Yourencrypter@protonmail.ch' Ransomware is still to have file backups. Furthermore, an updated and effective security program can help computer users prevent these attacks in the first place, intercepting them before they are installed on a vulnerable computer. Since threats like the 'Yourencrypter@protonmail.ch' Ransomware are delivered mainly through spam emails, malware researchers also advise computer users to learn how to handle this content safely.