Category: Ransomware

Aesir ransomware is a new release of Locky encryption virus. Mostly it has minor changes, as in the basic behavior it is identical to Odin, Thor, and Locky threats. So, in method of operation this malware resembles any other ransomware: it infiltrates the system stealthily and then searches for the files of the most frequent extensions. The scanned data afterwards becomes encrypted with asymmetric cryptography and the files get the .aesir extension.

CryptFIle2 ransomware belongs to a group of malware that is developed to cipher valuable personal information and then extort money by claiming a ransom in return of the data. The ransomware infiltrates the systems stealthily and then begins to rewrite the files.

What is Recoverhelp@protonmail.ch Ransomware?

recoverhelp@protonmail.ch ransomware is another release of the Fantom encryption malware that was developed to unnoticeably crawl into systems and encipher files using an AES code. To masquerade the encryption process, recoverhelp@protonmail.ch ransomware shows a bogus Windows Update screen. The encrypted files get a series of random letters and the .locked4 extension, so that they could be easily recognized. With the end of the process the ransomware displays the explanatory note, in which the cybercriminals present their demands. By the moment of writing the article, the ransom accounted to 1.0376 Bitcoin. As the message states, the decryption key will be presented only after a victim transfers this amount of money, and without it the restoration of files is impossible. Still, we offer this guide to remove Recoverhelp@protonmail.ch ransomware and decrypt .locked4 files without paying to some schemers. read more

Notice Of Imposition Of Fine is a malware that users may identify by a message about violation of some law. There already been dangers, like this, that used to block the screen while pretending to be a governmental service alert, so the creators of Notice Of Imposition Of Fine ransomware keep to the beaten track. These threats were developed to scare the victim and to persuade the user to pay the ransom in return for device unblocking.

Although Kangaroo ransomware may seem a new threat, it is nothing but a recently showed up version of Apocalypse ransomware. This new release targets for even wider range of extensions, but in the whole operates as other malware of this type.

What is Troldesh ransomware?

Troldesh ransomware is known as a serious threat for a while now – it has released several versions and keeps updating. Like any typical ransomware, it is able to detect and cipher all popular types of files. After hijacking the data, it alerts the victim with a warning that appears as a wallpaper. The message states the encryption and gives Tor addresses to revert it. No need to say that it can be done only after a victim transfers money to the cyber criminals. We would like to emphasize the weakness of the deal, as the scammers don’t provide any guarantees. Instead of paying the ransom to unknown sources, it’s better to find the ways and concentrate on how to remove Troldesh ransomware and decrypt .xbtl files on your own. read more

Crysis ransomware is one of the versions of the diverse threat known as virus-encoder. The same as any other typical ransomware, Crysis encryption virus infiltrates system stealthily and takes your data as a hostage. For retrieving your photos, media files and documents the creators of Crysis ransomware demand a certain amount of money after paying which you will get the decrypting application. Or so they say. In fact, there are no guarantees that the scammers will stand by their promise.

Thor ransomware is a encrypting successor of ill-famed Locky ransomware, a threat that already has many variants. However, it significantly differs from previous editions of the virus. First of all, it combines RSA and AES ciphers, which makes decryption of files way more difficult than before. Second, now it is capable of scattering over 400 file types. Altogether these factors make the malware a serious hazard to information safety.

HCrypto is another representative of crypto-malware group. It appeared in early October 2016 and was immediately considered to be a serious threat to its victims’ personal data. The ransomware encrypts all files on all drives, including the removable ones and online clouds, and then blackmails the victim. The cybercriminals present the demands in ex3t.pdf file that is put in every directory containing encrypted files.

.LOL! Encryption virus looks like a prank joke, however, people who fell victim of it don’t find it funny at all. The threat appears to be real and hazardous, as it is nothing but a ransomware that deciphers your data and demands money in exchange for it.