The 'email@example.com' Ransomware is a variant of the Scarab Ransomware, a family of file-locker Trojans distributing under a Ransomware-as-a-Service or RaaS rental model. The 'firstname.lastname@example.org' Ransomware can, like any other member of this group of threats, use attacks that encrypt and block your files until you pay the ransom it specifies in its text messages. Users should uninstall the 'email@example.com' Ransomware with their preferred anti-malware program and use free backups or professional decryption software when their files require it.
A Criminal Jumping Ship... to a More Convenient Vehicle
A threat actor who began extorting money by locking his victims' files with the AnimusLocker Ransomware family is switching over to another, RaaS competitor: the Scarab Ransomware. This change could be an attempt at avoiding the working decryption services provided by various members of the cyber-security community for the AnimusLocker Ransomware, even though many versions of the Scarab Ransomware also are compatible with public file-unlocking solutions. While the 'firstname.lastname@example.org' Ransomware's attacks only began recently, malware researchers are tracking multiple victims in its campaign.
Unlike some of the more significant members of the same family, the 'email@example.com' Ransomware uses English-based ransoming notes and shows no inclinations towards attacking Russian PCs. The 'firstname.lastname@example.org' Ransomware and other Scarab Ransomware variants suppress any visual symptoms during their installation and encryption routines, which, ultimately, block media files in various locations, such as the desktop and the user's downloads folder, with an AES encryption algorithm. The 'email@example.com' Ransomware also adds the e-mail in its name to the filenames of everything that's locked, thereby giving the user a way to search for any encrypted data.
The 'firstname.lastname@example.org' Ransomware also drops what is, by now, an archetypal ransoming message in Notepad's native format, claiming that there's a 'security problem' with the PC and giving the victim additional ransoming instructions. Since there are decryption services available for many versions of the Scarab Ransomware, the users should consider using that solution instead of giving the criminal money for the help that he may not give back to them.
Noticing the Differences Between a Trojan's Looks and Its Attacks
Since the extensions and e-mail addresses it uses are some of the most casually-available pieces of evidence for tracking a file-locking Trojan's identity, the victims of the 'email@example.com' Ransomware's attacks may suffer from inaccurate assumptions immediately. The use of a decryption solution for a different family than the Scarab Ransomware only can corrupt any encrypted files and, most likely, make them unrecoverable. Copying your files before decrypting them and having backups, especially, backups on other devices, are useful precautions for dealing with the 'firstname.lastname@example.org' Ransomware infections.
Every new threat actor taking advantage of a Ransomware-as-a-Service product is, in theory, capable of using a different strategy for installing the Trojan. Despite that caveat, malware experts, usually, find versions of the Scarab Ransomware present after the original users neglect their login credentials' security or open a corrupted e-mail attachment. Although many brands of anti-malware programs can delete the 'email@example.com' Ransomware easily, they can't unlock any files.
The 'firstname.lastname@example.org' Ransomware's campaign is a live showing of a criminal who's modernizing his Trojans for counteracting the solutions of the cyber-security industry. However, one thing that applies just as well to the 'email@example.com' Ransomware as it does to the AnimusLocker Ransomware is the always-relevant defense of a secure backup.
Use SpyHunter to Detect and Remove PC Threats
If you are concerned that malware or PC threats similar to firstname.lastname@example.org Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.Download SpyHunter's Malware Scanner*
Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.