
'.cryptoid File Extension' Ransomware

Posted: April 9, 2019

The '.cryptoid File Extension' Ransomware is a file-locker that uses the same file extension as the CryptoID Ransomware, but these two threats are not related in any way, apart from the fact that they are meant to encrypt the files of their victims. Cybersecurity researchers have determined that the '.cryptoid File Extension' Ransomware is a version of the infamous Aurora Ransomware, a file-locker whose source code has been used to craft a dozen file-encryption Trojans.

It would appear that the '.cryptoid File Extension' Ransomware might target a specific region since it uses a ransom note written in Turkish, and there are no translations available. While this is likely to mean that Turkish users will be its primary targets, it is possible that the propagation campaign its authors use may end up reaching other parts of the world too.

The '.cryptoid File Extension' Ransomware is likely to be distributed via fake emails that are designed to look as if they contain an important file attachment. Often, the criminals behind the spam campaigns may register domain names that mimic the ones used by legitimate companies, therefore making it more likely that the recipient will think that the fake message comes from a reputable source.

The '.cryptoid File Extension' Ransomware’s attack is likely to leave the victim with a hard drive full of locked documents, images, songs, videos, databases, archives and other files. Whenever the file-locker encrypts a file, it may add the ‘.cryptoid’ extension to its name, making it easy for the victim to recognize the files they have lost. Last but not least, the '.cryptoid File Extension' Ransomware drops three ransom notes that contain the Turkish message: @@_BENI_OKU_@@.txt, @@_DIKKAT_@@.txt and @@_SILINEN_VERILER_@@.txt.
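The extension and the three note names described above are enough to inventory the damage on a mounted volume before restoring from backups. The following triage script is an added example, not code from the original article; it assumes the '.cryptoid' suffix is appended to the full original file name, and the function names and the sample directory tree are constructed for illustration.

```python
import os
import tempfile
from pathlib import Path

# Indicators taken from the article text above.
LOCKED_SUFFIX = ".cryptoid"
NOTE_NAMES = {"@@_beni_oku_@@.txt", "@@_dikkat_@@.txt", "@@_silinen_veriler_@@.txt"}


def triage(root):
    """Walk root and return (locked, notes).

    locked maps each renamed file to the name it had before the suffix was
    appended (assumption: the suffix is simply added to the original name),
    which helps when matching against backups; notes lists ransom note paths.
    Names are compared case-insensitively, as Windows file systems do.
    """
    locked, notes = {}, []
    # Unreadable directories are skipped instead of aborting the walk.
    for dirpath, _dirs, files in os.walk(root, onerror=lambda err: None):
        for name in files:
            lowered = name.casefold()
            path = Path(dirpath) / name
            if lowered in NOTE_NAMES:
                notes.append(path)
            elif lowered.endswith(LOCKED_SUFFIX) and len(name) > len(LOCKED_SUFFIX):
                locked[path] = name[: -len(LOCKED_SUFFIX)]
    return locked, sorted(notes)


def build_sample_tree(base):
    """Create a small constructed directory tree for demonstration."""
    docs = Path(base) / "Documents"
    docs.mkdir(parents=True)
    for name in ("report.docx.cryptoid", "PHOTO.JPG.CRYPTOID", "untouched.txt",
                 "@@_BENI_OKU_@@.txt", "@@_DIKKAT_@@.txt"):
        (docs / name).write_bytes(b"")
    return base


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        locked, notes = triage(build_sample_tree(tmp))
        for path, original in sorted(locked.items()):
            print(f"locked: {path}  (was {original})")
        for path in notes:
            print(f"note:   {path}")
```

Run it against a read-only mount or a forensic copy of the affected drive by passing that path to `triage` instead of the sample tree.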

The attackers ask to be contacted at krkcdkkn@gmail.com for payment instructions, and they state that recovering the files is impossible unless the victim purchases a decryptor from them. We do not advise you to pay, since there is no proof that they will fulfill their part of the deal; even if you send them the money, you might end up being tricked. We suggest using an anti-virus scanner to eradicate the '.cryptoid File Extension' Ransomware’s files, and then looking into free data recovery options.
