
Cetori Ransomware

Posted: August 22, 2019

Keeping up-to-date backups of your files is crucial if you want peace of mind that your data is safe in case of an incident: hardware failure, accidental deletion, hacker attack or ransomware. The last of these threats has been topping the news headlines in the past few years but, regretfully, this has not been enough to convince users to take advantage of data backup solutions. This is also one of the primary reasons why the ransomware business continues to be profitable for cybercriminals, and why anti-virus product vendors have to combat new file-lockers such as the Cetori Ransomware.

The Cetori Ransomware was spotted in mid-August, and it is a fully weaponized file-encryption Trojan that can encrypt a huge number of file formats in a very short amount of time. The purpose of its attack is to prevent the victim from accessing their files: documents, images, archives, databases, etc. Whenever the Cetori Ransomware locks a file, it also renames it by appending the '.cetori' extension. It also creates a text file on the desktop, called '_readme.txt', which contains a message from the perpetrators of the attack.

The Cetori Ransomware is based on the STOP Ransomware, and its authors use the addresses gorentos@bitmessage.ch and gorentos2@firemail.cc for contact. They also use the Telegram profile @datarestore, which gives victims another way to get in touch with them. The attackers claim to own a working decryptor that their victims can purchase for $490, which must be paid via Bitcoin.

We advise you to avoid contacting the authors of the Cetori Ransomware, since it is very unlikely that they will assist you unless you pay them. Paying the criminals is not recommended, since it would be easy for them to trick you and there is no guarantee that they have a working decryption tool. Instead, remove the Cetori Ransomware with the help of an anti-virus product, and then recover your files from a backup or look for other data recovery options.
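Before restoring from a backup, it helps to know which files were renamed and where the ransom notes were dropped. The Python script below is an added example, not part of the original article: it uses only the indicators named above (the '.cetori' extension, the '_readme.txt' note and the contact addresses) to inventory a directory tree. The function names and the sample tree are constructed for illustration, and it assumes notes may appear in any folder, not only on the desktop.

```python
import os
import tempfile
from pathlib import Path

# Indicators taken from the article text.
LOCKED_EXT = ".cetori"
NOTE_NAME = "_readme.txt"
CONTACT_MARKERS = ("gorentos@bitmessage.ch", "gorentos2@firemail.cc", "@datarestore")

def note_matches(path, max_bytes=65536):
    """True if a _readme.txt file mentions one of the article's contact markers."""
    try:
        with open(path, "rb") as fh:
            text = fh.read(max_bytes).decode("utf-8", errors="replace").lower()
    except OSError:
        return False  # unreadable: not counted as a confirmed note
    return any(marker in text for marker in CONTACT_MARKERS)

def scan(root):
    """Return (locked, notes); locked maps each renamed file to its pre-attack
    name, which is the name to look for in a backup."""
    locked, notes = {}, []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = str(Path(dirpath) / name)
            if name.lower().endswith(LOCKED_EXT) and len(name) > len(LOCKED_EXT):
                locked[full] = full[: -len(LOCKED_EXT)]
            elif name.lower() == NOTE_NAME and note_matches(full):
                notes.append(full)
    return locked, sorted(notes)

def build_sample_tree(root):
    """Constructed sample data: two renamed files, one note, one benign readme."""
    docs, desk = Path(root) / "Documents", Path(root) / "Desktop"
    docs.mkdir()
    desk.mkdir()
    (docs / "report.docx.cetori").write_bytes(b"\x00" * 16)
    (docs / "archive.zip.cetori").write_bytes(b"\x00" * 16)
    (docs / "notes.txt").write_text("untouched")
    (docs / "_readme.txt").write_text("project readme, unrelated")
    (desk / "_readme.txt").write_text("contact: gorentos@bitmessage.ch")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        locked, notes = scan(tmp)
        for path, original in sorted(locked.items()):
            print(f"locked: {path} -> restore as {original}")
        for note in notes:
            print(f"ransom note: {note}")
```

Checking the note's contents against the contact markers keeps an unrelated file that happens to be named '_readme.txt' out of the report.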
