CryptoHitman ransomware is an updated version of Jigsaw ransomware. This new Jigsaw ransomware variant applies the same encryption algorithms. It is renamed CryptoHitman because it uses the image of the character from the Hitman video games and movies on your lock screen. Apart from that, CryptoHitman ransomware replaces the lock screen with pornographic images. This could be very dangerous in the workplace environment. It may cost you a lot of nerves and put you in an unenviable embarrassing situation.
Things You Need to Know about CryptoHitman ransomware
CryptoHitman ransomware just like Jigsaw ransomware encrypts your files with AES encryption algorithm. This crypto malware affixes .porno extension to the names of those files. Then CryptoHitman virus displays a window with the ransom note. The message informs you about the encryption and presents with further instructions. You have to contact the cyber criminals through [email protected] e-mail and make the ransom payment of 150USD to get the decryption key. The payment must be transferred in Bitcoins. You are provided with the payment BTC address. If you fail to comply with their requirements, every hour data will be deleted. This will continue till you pay the ransom or none of your files will be left.
How does CryptoHitman ransomware Infiltrate Your Computer?
CryptoHitman file encryptor may infect your computer through spam email and their attachments. Thus, you should refrain yourself from browsing the spam folder since it is an automatic function of your e-mail that safeguards you from malicious content. If an official letter falls into the spam box, it is most probably a Trojan horse from which you should keep away.
The other technique CryptoHitman ransomware executes is the exploit kits. The exploit kits are software kits that run on web servers and are designed to detect software vulnerabilities in your computer. Once they detect such vulnerabilities, they execute malicious codes on your computer’s system.
How to Decrypt Files encrypted by CryptoHitman ransomware
Luckily CryptoHitman is a decryptable ransomware. Open Windows Task Manager and terminate suerdf.exe and mogfh.exe processes. Then, run MSConfig and disable the startup entry related to these executables. After you have terminated and disabled the startup of CryptoHitman ransomware, go to https://download.bleepingcomputer.com/demonslay335/JigSawDecrypter.zip and download the Jigsaw Decryptor (remember it is the previous version of CryptoHitman). Double-click the JigSawDecrypter.exe. You will be presented with the window. Select the directory of encrypted files and click Decrypt My Files button. When the decryption will be over, the screen will announce that the files are decrypted.
No you see that paying the ransom is the waste of your precious time and money. Perform the decryption procedure as described above. For extra security and warranted removal of CryptoHitman ransomware employ professional anti-malware removal tools such as Spyhunter and Malwarebytes.
Automatic Malware removal tools