The AlumniLocker Ransomware is an emerging cyber-threat whose operators are relying on phishing emails to reach potential victims. The topic of the emails is usually related to payments or invoices, and the recipient is asked to download and review a PDF attachment. According to the mail's body, the attachment contains an invoice but, in reality, it is a fake file designed to extract and run a corrupted ZIP archive. Once the AlumniLocker Ransomware is up and running, it starts encrypting files by using an encryption routine identical to the one found in the Thanos Ransomware family. However, there is not enough information to determine whether the same group of criminals is behind both of these projects.
The files that AlumniLocker Ransomware locks will have the '.alumni' suffix added to their name. As for the files that are harmed by the AlumniLocker Ransomware, the locker goes after over a hundred file extensions to maximize the damage it causes. After completing the attack, the ransom note 'HOW_TO_RECOVER_YOUR_FILES.txt' is dropped on the desktop.
Over the past year, a large number of ransomware operators evolved their extortion tactics by threatening to release the victim's data on the Internet if they do not pay a ransom sum. Of course, they also ask to receive a payment and promise to provide a decryption tool in return. The AlumniLocker Ransomware follows the same strategy, and its creators threaten to publish data on a public website unless the victim pays a ransom fee of 10 Bitcoin. The good news is that AlumniLocker Ransomware's website appears to be offline, which may mean two things – either the criminals are bluffing and they cannot publish files, or they are still working on their project.
Paying a ransom fee of $500,000 is out of the question, and victims should never consider it. It is not yet clear whether AlumniLocker Ransomware's creators plan on publishing collected data online. The best thing victims of the AlumniLocker Ransomware can do is to ignore the message of the extortionists, and then run a malware removal tool to eliminate the threatening program. Finally, they can proceed to recover the files from a backup or experiment with other data recovery options.
Use SpyHunter to Detect and Remove PC Threats
If you are concerned that malware or PC threats similar to AlumniLocker Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.
Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.