codnat1 Ransomware

Having your files locked up by the codnat1 Ransomware is guaranteed to be an unfortunate experience because of this file-encryption Trojan’s ability to cause massive amounts of damage to unprotected file systems. This particular file-locker is not new entirely since a large portion of its code is based on the STOP Ransomware project, an infamous ransomware family whose activity has spiked in the past few months. Currently, the only guaranteed way to undo the damage done by the codnat1 Ransomware is to restore your files from a backup. The authors of the ransomware claim that they have a fully working decryptor, but they are only willing to provide it in exchange for a hefty amount of money that should be transferred via Bitcoin. Needless to say, using a cryptocurrency to send money to cybercriminals is a risky task, and you may end up empty-handed easily.

Just like almost any other file-locker, the codnat1 Ransomware also uses a special file extension to mark the names of all files it encrypts – ‘.codnat1.’ At the end of its attack, the codnat1 Ransomware drops a ransom not called ‘_readme.txt,’ which contains payment instructions and contact details.

The perpetrators want to be contacted via the email gorentos@bitmessage.ch, but they do not provide information regarding the amount of money that the victim will be asked to pay. Other STOP Ransomware variants have requested up to $400-500 via Bitcoin so that it is likely that the case of the gorentos@bitmessage.ch will not be any different. Regardless of the amount the attackers ask for, you should not agree to pay them anything. Do not forget that you are dealing with anonymous criminals who may take the money without providing you with a decryptor easily.

The best thing to do as a victim of the codnat1 Ransomware is to disregard the ransom message and run an anti-malware tool to get rid of the harmful program. Then, you should restore your files from a backup (if available), or turn to alternative data recovery tools and methods.