Ransomware is a group of PC parasites that locks the PC and demands payment for unlocking. Some of the parasites will outright demand payment without any explanation. Others will pretend to be from some institution, for example, FBI, RIAA, etc. The payments are collected using some pre-paid method usually. In Europe it is Ukash or Paysafe, in Russia SMS payments are used and in USA scammers use Moneypak. However, exceptions are possible. Ransomware differs from other scam software in following:
  1. It always demands payment, either because of "authority" or using threats to destroy all the data.
  2. It does not try to emulate PC problems like virus infections on itself , though it might claim that there was infection
  3. In many cases, it blocks PC better than Rogue antiviruses
Typically, it is a result of trojan infection and it is quite difficult to remove. Some of the problems are caused by the way PC is locked. Additionally, several different families of trojans can impersonate the same institution and even share the design. Thus several different removal instructions have to be carried out to remove the ransomware successfully. In the worst case, one needs alternate OS scanners to remove ransomware. However, in some cases it is enough to reboot into safe mode and change startup items, or use safe mode with command prompt to fix the registry. For complete guide check removal instructions for particular ransomware. In some cases you will need data decryption utility to recover encrypted files.

“Notice of Imposition of Fine” virus

“Notice of Imposition of Fine” is supposed to serve as an informative message to Internet users that they have went beyond the bounds of established rules. The report suggests that a recipient has been found guilty of having material that roughly breaks the intellectual property rights and other activity punishable by law. Even though the … Continued

0000 ransomware virus

Not so long ago we informed our readers about dangerous ransomware infection called CryptoMix. This 0000 ransomware infection is nothing new – it’s just updated version of CryptoMix. Why it is dubbed with this unusual name, 0000? Thats all because of an extension added by this ransomware, it’s .0000. You might already know that ransomware … Continued

“0010 SYSTEM FAILURE 0010” Ransomware

“SYSTEM FAILURE” is one name for the new cryptovirus which targets PC users. This virus locks user-created files (like photos and documents) and then presents you with an alarmist message (that vaguely looks like Windows 7’s blue screen error) and includes words like “IMMINENT SHUTDOWN” and “SYSTEM FAILURE“. It’s designed to scare people into acting hastily … Continued

0day Ransomware

0day is a Dharma/CrySiS ransomware and quite a dangerous virus. It usually infects computers through an exposed remote desktop connection and can potentially cost you all of your files and, possibly, a lot of money. 0day, discovered by , is a virus incredibly similar to Harma, NWA, and other ransomware. They behave the same way, … Continued

2k19cry File-locker

2k19cry ([email protected]) is the type of computer malware that is very fast and very destructive. It can make your files inaccessible by using encryption on them. Once your own files have been locked away from you, the 2k19cry virus displays ransom notes telling you to urgently contact the responsible criminals so that you can pay … Continued

4rw5w ransomware

4rw5w ransomware virus ventures to imitate the notorious WannaCry infection. The newer variant is structured similarly since it has a kill switch, comparable key file names. 4Rw5w virus uses a symmetric-key algorithm called Data Encryption Standard (DES) to encrypt the AES private key for decryption. Currently, researchers emphasize that this infection is not being actively … Continued

7ev3n Ransomware

7ev3n ransomware is a new threat to your cyber security. If your computer is infected with 7ev3n ransomware, some of your personal files stored on hard drive will be locked and you will be asked to pay ransom of 13 bitcoins in order to get them back. 7ev3n ransomware is noticeable as a ransomware with one of the biggest ransom demand … Continued

7h9r Ransomware

7h9r ransomware uses sophisticated asymmetric (RSA and AES) encryption algorithm to encrypt the files of the targeted victim. It is regarded to be a derivative of the both Nemucod ransomware and Xorist ransomware by some security experts. On the whole, there is a mutual agreement between experts and users who have suffered a ransomware attack … Continued

8chan ransomware virus

8chan is a new ransomware that was just discovered recently. Ransomware is one of the most lethal viruses out there – it can strike you out of nowhere and cause enormous damage to your system. Basically, what it will do is lock your files and then ask for a ransom in order to unlock them. … Continued

8lock8 ransomware

8lock8 ransomware, also known as EightLockEight ransomware, is said to be developed from the source code of HiddenTear ransomware. 8Lock8 file encoder employs asymmetric encryption algorithm. Two keys are generated: public (decryption) key and private (encryption) key. The private key is stored on C&C (Command and Control) servers controlled by the hackers. However, this ransomware … Continued

ABC ransomware virus

ABC ransomware virus is extremely dangerous computer infection that can attack your system and cause severe damage to it. First of all, you should know that files encrypted by ABC Ransomware will be unusable because this virus employs asymmetric cryptography to do the job. Ransomware, as defined by Techtarget, is a “subset of malware in … Continued

ABCLocker ransomware virus

ABCLocker, according to the label of Generic.Ransom.CloudSword that it has received, is based on CloudSword variant that we had managed to dig out back in January of 2017. Even its payload its called cloudsword.exe which creates an even stronger link between these two samples. The technique of file-corruption that the ransomware has selected to go … Continued

ACCDFISA Protection Program Ransomware

ACCDFISA Protection Program is a cyber infection, ransomware, that tries to mislead its victims that they are infected with dangerous virus illegally sending various spam messages filled with malicious links from their computers. To make this look really convincing, malware locks its victims out of the Windows desktop and displays misleading alert that asks to … Continued

Access Ransomware (.access files)

Access is the name of a virus that targets Windows computers. Compared to other infections, this one can be remarkably devastating because of its ability to lock all the files that were stored on the infected computer with the help of a cryptographic algorithm. The motive of the creators of Access is to force their … Continued

AcroWare Virus

AcroWare virus is categorized as a ransomware, but we need to set some things straight here. Most of the ransomware viruses use some kind of cryptography to lock personal files that are stored on the computer and add a unique extension to the end of it but in this case, AcroWare just locks the screen of the … Continued

Acton Ransomware

Acton is the name of file-encrypting ransomware, a version of Phobos. This cryptovirus infects computers and network, usually through RDP, and locks the files by scrambling their contents with a practically unbreakable encryption algorithm. The criminals responsible for Acton then demand money, usually a few thousand dollars. Acton is similar to Frendi, Phoenix, and Adame viruses. … Continued

Adage Cryptovirus

Phobos, an offshoot of Dharma ransomware, has released another variant — Adage (different from Adame ransomware). Adage is just like any other file-locking ransomware that uses cryptography to deny the victims access to their files. To get you to contact the criminals, this virus renames the files by adding the “Adage” extension and the “[email protected]” email … Continued

Adame Ransomware

Adame is a computer virus that is classified as ransomware. Why? Because it can completely overwhelm your system, encrypt all personal files stored on it, and then demand a ransom to be paid. Basically, ransomware is one of the two most scary common viruses – another one is trojan viruses that can steal your sensitive … Continued

.adobe ransomware

There are thousands of ransomware variants on the World Wide Web that come and go, no matter how persistent and sneaky they are, but it seems like recently users and malware professionals have been dealing with some crypto viruses for longer than they’d like to. This past year of 2018 and beginning of 2019, questions and desperate … Continued

Adonis ransomware

Adonis ransomware virus was written while using an Autoit programming language. The primary objective of Autoit was to generate automatic scripts for Windows applications, but over the years, its importance and means of utilization have shifted. We have already analyzed a couple of malware samples that were created with the Autoit language. In this article, … Continued

Age ([email protected]) Virus

There is a ransomware infection called Age that infects PCs and uses encryption to break files. The Age ransomware can be first recognized by the extension “.id[XXXXXXX-2495].[[email protected]].age” that is given to each of the locked files. This note includes an email address that belongs to the people who are responsible for the infection and a … Continued

Agho Ransomware

Agho is ransomware and it is very dangerous – it can corrupt your data, as well as install data stealers and other malware. It needs to be deleted before your computer can be used normally again. If Agho infected your device, it must have broken your files and changed their names to end with the extension … Continued

Ahihi ransomware

Ahihi, also known as BangLuongThang02 ransomware, is a recent cyber threat developed to lock personal victims’ files with difficult algorithms and ask for a payment in exchange for the decryptor. The only way hackers behind this malware can make their revenue is from the collected ransom, therefore the features of Ahihi cryptovirus are specifically designed … Continued

Alcatraz Ransomware

On the 30th of October, 2016, Alcatraz ransomware, also called as Alcatraz Locker, was spotted by xXToffeeXx, a malware researcher. This specific virus is an encryption trojan. The first word of this title means that the Alcatraz malware performs the encryption on the targeted machine, and the second part of the title refers to the … Continued

Alfa Ransomware

Alfa (also Alpha) ransomware is a new ransomware developed by the hackers of Cerber cryptomalware. This new ransomware threat is still being analyzed by cyber security experts at present. Thus, more detailed information is to be provided later on. So now let us proceed with the breaking news about Alfa virus. About Alfa Ransomware The … Continued

Alilibat Ransomware

Alilibat is file-locking ransomware. Part of the Scarab family, it has the potential to be very harmful: corrupt the files on the infected computer. If your computer is infected with Alilibat, the encrypted files have the .alilibat extension attached to their names. Additionally, a ransom note DECRYPT.TXT should be placed in your folders and a new desktop background … Continued

Alka Ransomware

Alka ransomware is a new malicious program spreading among pirated files. It gets downloaded on the computers of those who download infected files from the internet. Alka may install a spyware trojan but, most importantly, it encrypts most files and makes them unopenable and unusable. It also marks them by adding a second “.alka” extension … Continued

All_Your_Documents ransomware

A newly detected malware virus has been crowned and its title is All_Your_Documents. Basing our agreements on characterization of different categories of threats, we can state, hands down, that this sample is a ransomware. There is no need to contemplate too much and rack brains to determine the main goal of All_Your_Documents virus. It is … Continued

Alma Locker Ransomware

Alma Locker ransomware is a new ransomware threat discovered by Proofpoint researcher Darien Huss. Even though it uses the prevailing cipher, it is impossible to be cracked at this point in time. Read the following paragraphs to learn about this malicious app and ways you can prevent it from entering your computer’s system or the … Continued

Alpha Crypt Ransomware

Alpha Crypt Ransomware is a new version of Tesla Crypt ransomware that spreads along attachments of spam emails and once inside, locks important files without leaving any change to recover them, unless you pay for the decryption key. The ransom starts from $500 and it must be paid in Bitcoins. Unfortunately, even after paying it, … Continued

Alphabet virus

At first, Alphabet virus was described as a screen locker without a closer relation to crypto-ransomware viruses. This first version appeared in a form of a red lock screen that prevented users from logging into their Windows. Even though the screen indicated to encrypt files, such process did not actually occur. As the creators of … Continued

Amnesia ransomware

Amnesia is a ransomware virus that functions like most of the crypto-viruses around. The name Amnesia refers to not only one virus, but a specific family of this style of infections. A related sample is called CryptoBoss and it is a posterior variant but is structured similarly to its preceder. Additionally, there is a list … Continued

An Garda Siochana Trojan

An Garda Siochana Trojan (aka Ireland National Police Service virus) is a ransomware that infects computer systems using Trojans. It changes your Registry to enable itself to perform all actions that it planned. An Garda Siochina locks your computer so you cannot perform any actions – your PC will be completely blocked. You will only … Continued

Anatel Ransomware

Fear is the drive for mankind to be controlled by a stronger leader or abuser. You can corrupt the mind of a man who has reached its limits. One can only assume what emotions are triggered when crypto-ransomware viruses encroach on their victims’ privacy. People are desperately trying to find a solution and sometimes, neglecting … Continued

AndreaGalli Ransomware Virus

AndreaGalli Ransomware Virus – a very dangerous computer virus that can cause detrimental damage to your system. It data stored on the infected computer and then demands a ransom in order to decrypt those files. As far as we know, it origins from a HiddenTear ransomware family. We are already familiar with viruses from this … Continued

Angus Ransomware

Angus is a file type used to mark files that were encrypted by a ransomware virus. It’s a meaningless name that’s chosen randomly or at the discretion of the criminals who developed the cryptovirus. Angus happens to be used by a couple of ransomware types: Phobos – file.type.id[XXXXXXXX-2315].[[email protected]].angus Ouroboros – file.type.Email=[[email protected]]ID=[XXXXXXXXXXXXXXX].Angus It’s not special for … Continued

Annabelle 2.1 Virus

Annabelle 2.1 is obviously a sequel of Anabelle ransomware. In case you have never heard of the original Anabelle virus, it is a “devastating crypto-malware, created for sole purpose of messing up victims‘ computers”. Annabelle 2.1 is not so different – it’s kind of the same virus with some updated features. It’s still unknown whether … Continued

Annabelle ransomware

Annabelle ransomware virus is a devastating crypto-malware, created for sole purpose of messing up victims‘ computers. The character of Annabelle is a well-known symbol of a famous horror movie, and this suggests that victims of this virus are going to suffer from a horrific experience (). Even though crooks usually spread ransomware infections for the … Continued

Anoncrack ransomware virus

Anoncrack ransomware virus – yet another ransomware infection based on Hidden Tear open source ransomware base, such as Balbaz ransomware or Defray ransomware. It is a typical ransomware infection and if your computer is infected with it, you are about to face some pretty severe consequences. There are some good new – all ransomware infections … Continued

Anonymous virus

Anonymous virus is a ransomware that belongs to a group of Ukash payment related viruses that try to scare computer users into thinking that they have done something illegal and make them pay a fine for that. The program spreads on computers through malicious websites and can infect any computer system without any exceptions. The … Continued

ANSSI virus

ANSSI virus is a ransomware that infects computers randomly using Trojan viruses. The infection is also known as Office Central de Lutte contre la Criminalité virus. The main goal of this malware is to make computer users believe that they were included into some illegal business and then steal money from them. Basically, the program … Continued

Antix Ransomware

Antix is the name of a typical infection of an encrypting trojan, spread via infected spam e-mails. According to some sources it was first detected in the last week of October (2016), while other sources suggest that Antix ransomware was first discovered in December (2016). The relatively distinct feature of this crypto-malware is that Antix … Continued

Anubis ransomware

The God of afterlife is now attempting to send all your personal files to a graveyard. Anubis crypto-ransomware infection is a soulless monster which will have no problem getting a solid amount of your data encrypted with a strong algorithm. After that, the threatening figure will leave no time for objection. Instead, after the encoding … Continued

Apocalypse Ransomware

Apocalypse is a made-up super villain that is known from comic books. Also, another common way to interpret this word is to refer to the end of the world with it. You might not hear the seven trumpets or see a bright-shinning light in the case of Apocalypse ransomware. The apocalyptic vision of this Trojan … Continued

ApolloLocker ransomware virus

ApolloLocker ransomware virus is a new Turkish variant which is created in Visual Studio 2010 environment. This malware appends a very popular extension of .locked which is also exploited by many other crypto-viruses. BitPaymer, May and Amnesia samples are a few examples that add the same mark to the corrupted digital data. ApolloLocker computer virus: … Continued

Arena ransomware virus

It seems like Arena ransomware virus is a new and upgraded version of Crysis or Dharma ransomware infection. It was discovered by a famous ransomware researcher Michael Gillespie and published on . While some cyber security researchers consider Arena ransomware to be a new version of Dharma virus, others say that it’s the same virus … Continued

Arescrypt ransomware

Arescrypt ransomware, developed and publicly shared on Github back in December 2017 by and , currently caught eyes, presumably having a chance to become as misused as a . Developers of this open source ransomware, whose name means Arsenal of Reaping Exploitational Suffering (ARES), claim to share it just for educational purposes, because of the … Continued

ArgusCryptor Virus

ArgusCryptor or simply Argus ransomware is a dangerous computer infection that can completely take over your system and ruin most of your personal files.  Fortunately, this change is not permanent – there is a way to reverse the process and clean the system, restoring files that have been encrypted. Some cyber security experts also refer … Continued

Arma dei Carabinieri Virus

Arma dei Carabinieri Virus is one more ransomware program that blocks random systems and tries to get money from their users by accusing them of violating some law. This time the program attacks computers in Italy. Arma dei Carabinieri is in fact the national military police of Italy, so using this name makes users trust … Continued

Armageddon Ransomware

If you can’t open and use your files anymore, and if a window with the words “Dark Day” and a countdown timer has appeared on your screen, your computer might be infected with the Armageddon virus. The Armageddon ransomware is unusual and might be a new project, just yesterday, of some criminals, so there is little … Continued

Recent Posts

Security Guides

Recent Comments