Home Malware Programs Ransomware '.bRcrypT File Extension' Ransomware

'.bRcrypT File Extension' Ransomware

Posted: March 13, 2019

The '.bRcrypT File Extension' Ransomware is a file-locking Trojan that uses automatic encryption for holding your files hostage. The '.bRcrypT File Extension' Ransomware also creates text messages that deliver ransoming instructions for paying the threat actor in return for getting a possible decryption solution. The users should have backups of their media for safety's sake and let their anti-malware programs handle the removal of the '.bRcrypT File Extension' Ransomware, in most circumstances.

Trojans Being Friendly with Their Crimes

Some of the essential elements of nearly all families of file-locking Trojans include various formats of ransom notes, which may display through pop-up windows, simple text or an advanced HTML design. The contents of these instructions can determine whether or not the criminals extort money from their victims successfully, which face the possibility of not getting their files back if they don't pay. The '.bRcrypT File Extension' Ransomware, a new Trojan of this type with no known family subject to malware experts' identification, shows a campaign attempting a friendlier face than usual.

The '.bRcrypT File Extension' Ransomware's attacks are beginning on Windows systems in Pakistan even though the payload assumes targets that understand English. The '.bRcrypT File Extension' Ransomware encrypts files, including the typical media formats, but also less-usual ones like LNK (or shortcuts to local files). After the encryption, which includes prepending the file's previous size, the '.bRcrypT File Extension' Ransomware gives to the newly-locked media its custom extension.

The '.bRcrypT File Extension' Ransomware's ransoming message is a basic text file but uses a relatively friendly tone by referring to the reader as 'dear friend,' emphasizing the lack of permanent damage and presenting the free trial decryption enthusiastically. The threat actor does not, however, provide a set price, and asks for Bitcoins that the victim can't refund if there's no decryption after the fact. Malware experts can't track ransoming payments, at this time, but the users make such transactions at their own risk.

This Trojan might Be Crazy

Some experienced members of the anti-malware sector speculate that the '.bRcrypT File Extension' Ransomware is a possible variant of the CrazyCrypt Ransomware. However, if this is true, the '.bRcrypT File Extension' Ransomware represents a major payload update since it uses a simpler format of ransoming message and a different extension style. Users may submit samples to experienced anti-malware researchers for investigating whether or not the '.bRcrypT File Extension' Ransomware is decryptable as the February's CrazyCrypt Ransomware equally, which can open up additional data recovery routes.

For infection prevention, malware researchers encourage monitoring e-mail messages for suspicious attachments or links, disabling JavaScript and Flash, avoiding illicit or misappropriated product-themed downloads, and using secure passwords on your network logins. Backing up all files of value to other systems can help with recovery, as well, and could be the only solution available to most victims. Anti-malware products of most brands should, however, stop and remove the '.bRcrypT File Extension' Ransomware in time under normal circumstances.

There's no way of telling, based on the samples available, how the '.bRcrypT File Extension' Ransomware is getting to its victims. What is transparent, despite these limitations in information, is that the '.bRcrypT File Extension' Ransomware's campaign is underway and trying to make money off the public, at the expense of their files.

Loading...