Home Malware Programs Ransomware .PLEASE_CONTACT_1398456099@qq_com' Ransomware

.PLEASE_CONTACT_1398456099@qq_com' Ransomware

Posted: May 31, 2019

It is not uncommon for cybercriminals to try and piggyback on the popularity of notorious cyber threats. This is the exact strategy used by the author of the '.PLEASE_CONTACT_1398456099@qq_com' Ransomware, a low-quality file-locker that mimics the design and interface of the WannaCryptor Ransomware (WanaCrypt0r Ransomware). Thankfully, the '.PLEASE_CONTACT_1398456099@qq_com' Ransomware is not as threatening as the latter, but it certainly should not be underestimated since it still can encrypt popular file formats and prevent users from accessing them.

The '.PLEASE_CONTACT_1398456099@qq_com' Ransomware is likely to originate from Russia since the authors use a QQ account for contact. Furthermore, the contents of the ransom note show that this might be a project made for fun since the attackers claim to have encrypted the homework of their victims – maybe they are planning on focus high school attendees? Regardless of the target group and intentions of the attacker, it is indisputable that the '.PLEASE_CONTACT_1398456099@qq_com' Ransomware has the ability to encrypt files and make their recovery a potentially impossible task.

After the '.PLEASE_CONTACT_1398456099@qq_com' Ransomware executes its attack, it will add the extension ‘.PLEASE_CONTACT_1398456099@qq_com’ to all encrypted files. After this step is complete, it shows the ransom message in a new window under the name ‘WanaDecrypt0r.’ As mentioned above, the window mimics the ransom note design used by the infamous WannaCry infection. The text of the ransom note is available in English, Chinese, and German – surprisingly, it does not mention a ransom amount, although the authors have provided a Bitcoin wallet address for payments.

While the '.PLEASE_CONTACT_1398456099@qq_com' Ransomware does not seem to be a very serious project, it can still be very damaging if it manages to sneak onto an unprotected computer. Victims of the '.PLEASE_CONTACT_1398456099@qq_com' Ransomware should not cooperate with the perpetrators since it is unlikely that they will assist them with the recovery of their files. The shortest way to proceed is to eliminate the '.PLEASE_CONTACT_1398456099@qq_com' Ransomware with the help of a trustworthy anti-virus product, and then look into alternative file recovery options.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to .PLEASE_CONTACT_1398456099@qq_com' Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria .

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.