
BURAN Ransomware

Posted: June 5, 2019

The BURAN Ransomware is believed to be a variant of the ‘.jamper File Extension’ Ransomware since both of them share some similarities in the encryption algorithm they use to lock the files of their victims. Unfortunately, the encryption that the attackers have implemented appears to be secure, and this means that it may be impossible to decipher it and create a free decryptor to help out victims of the BURAN Ransomware.

The BURAN Ransomware is likely to reach potential targets via phishing emails that contain a corrupted file attachment – often disguised as a legitimate document. Users who have the unfortunate luck to download and open the infected file may end up introducing the BURAN Ransomware to their computers unknowingly. Of course, this would not happen if they had a reputable anti-virus product to stop the threat, but, unfortunately, a large percentage of ransomware victims do not use any cybersecurity software.

Once the BURAN Ransomware is started, it may scan the user’s hard drive and encrypt the contents of specific file formats immediately – documents, spreadsheets, presentations, videos, images, music, archives, etc. It would appear that the BURAN Ransomware generates a unique ID for every victim and appends it to the name of every locked file – for example, ‘cv.pdf’ might be renamed to ‘cv.pdf.3674AD9F-5958-4F2A-5CB7-F0F56A8885EA’.

The attack is finalized by dropping the ransom note ‘!!! YOUR FILES ARE ENCRYPTED !!!.txt’, which contains contact details and instructions on what the victims need to do if they want to be able to use their data again. Unfortunately, the proposal of the attackers is not acceptable – they want to be paid a ransom in Bitcoin, and then to be contacted via either recovery_server@protonmail.com or recovery1server@cock.li. We advise against cooperating with the BURAN Ransomware’s authors because they may not meet their end of the deal even if you send them the ransom payment.
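The two file-system indicators described above (the victim ID appended to file names and the ransom note name) can be checked with a short triage script. This is an added example, not code from the original article; the `classify` and `triage` names are hypothetical, and it assumes every victim ID has the same layout as the single example shown on this page.

```python
import os
import re
import sys
from collections import defaultdict

# Ransom note name exactly as given on this page.
RANSOM_NOTE = "!!! YOUR FILES ARE ENCRYPTED !!!.txt"

# Assumption: every victim ID has the 8-4-4-4-12 hex layout of the page's
# single example, 'cv.pdf.3674AD9F-5958-4F2A-5CB7-F0F56A8885EA'.
VICTIM_ID = r"[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}"
LOCKED_NAME = re.compile(r"^(?P<original>.+)\.(?P<victim_id>" + VICTIM_ID + r")$")


def classify(name):
    """Return ('note',), ('locked', original_name, victim_id) or None."""
    if name.casefold() == RANSOM_NOTE.casefold():
        return ("note",)
    m = LOCKED_NAME.match(name)
    if m:
        return ("locked", m.group("original"), m.group("victim_id").upper())
    return None


def triage(root):
    """Walk root; collect ransom-note paths and renamed files per victim ID."""
    notes, locked = [], defaultdict(list)
    for dirpath, _dirs, files in os.walk(root, onerror=lambda err: None):
        for name in files:
            hit = classify(name)
            if hit is None:
                continue
            path = os.path.join(dirpath, name)
            if hit[0] == "note":
                notes.append(path)
            else:
                locked[hit[2]].append((path, hit[1]))
    # A UUID-like suffix alone can occur in benign file names, so only the
    # combination of a note and renamed files is reported as a strong match.
    return {"notes": notes, "locked": dict(locked),
            "strong_match": bool(notes) and bool(locked)}


if __name__ == "__main__":
    result = triage(sys.argv[1] if len(sys.argv) > 1 else ".")
    print("strong match:", result["strong_match"])
    for path in result["notes"]:
        print("ransom note:", path)
    for vid, entries in result["locked"].items():
        print(f"victim ID {vid}: {len(entries)} renamed file(s)")
```

The recovered original names give a quick inventory of what needs to be restored from backup.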

Due to the lack of a free decryptor, the only reliable way to undo the damage done by the BURAN Ransomware is to recover your original files from a backup. If you do not have a security copy of your data, then we suggest that you look into data recovery software. Of course, your top priority should be to ensure the BURAN Ransomware’s removal by using an up-to-date anti-malware cleaning tool.
