PrOtOnIs Ransomware Description
The PrOtOnIs Ransomware is a new version of the Xorist Ransomware, a kit-based, file-locking Trojan that encrypts your digital media. These attacks keep files, such as documents, pictures or audio clips, from opening until another program decrypts them. There is a free decryption solution for this family, and all victims should delete the PrOtOnIs Ransomware with a trusted anti-malware product before recovering their work.
Middlemen-Based Ransomware Continues Booming
More and more, the skill a threat actor has at programming file-locking programs is becoming less relevant to whether or how he's distributing or profiting from them. Between Ransomware-as-a-Service and freeware models like the semi-public domain Hidden Tear, criminals have an array of suitable options for attacking the files of strangers, such as the the Xorist Ransomware family. This kit-based series of threats is responsible for file-locking Trojans like the TaRoNiS Ransomware, the Cryptedx Ransomware, the Blocked2 Ransomware, the AAC Ransomware, and the still-new the PrOtOnIs Ransomware.
The PrOtOnIs Ransomware may use one of the pseudo-rare encryption choices of XOR or TEA algorithms for locking your files, an attack that it loads without alerting the user with visible symptoms. There are two, small variants of how it formats the filenames of the locked files afterward, one of which adds a '.PrOtOnIs.VaNdElIs' extension, and one of which uses '.PrOtOnIs.'
Both versions of the PrOtOnIs Ransomware create 'HOW TO DECRYPT FILES' text messages that deliver the threat actor's ransoming demands. The cost of the Trojan's recommended decryptor is just over five hundred USD in Bitcoins, a fee that's typical for campaigns that attack systems not related to multinational businesses, governments or other, well-financed entities. Regardless of your funds, malware experts don't encourage paying; the PrOtOnIs Ransomware does have a free decryption equivalent available to the public.
The Standard Defenses against Assembly Line Trojans
Researchers are offering a free decryption service for the PrOtOnIs Ransomware and other versions of the Xorist Ransomware. However, this solution requires both encrypted and unencrypted copies of the same file, and, therefore, doesn't replace the need for keeping backups of your media completely. Content that malware experts advise backing up includes text documents, audio clips, movies, databases, and Microsoft Office media especially.
The PrOtOnIs Ransomware is in circulation, but its victims have yet to provide any in-depth information on how their PCs became compromised. Infection methods that malware analysts often correlate with file-locking Trojans include spam e-mail-based attachments and brute-force attacks that crack network login credentials. Ordinarily, any anti-malware product should remove the PrOtOnIs Ransomware preemptively from your PC.
A bare minimum of security standards while browsing the Web, in conjunction with good backup habits, remain the best ways of stopping file-locker Trojans from profiting. Since the PrOtOnIs Ransomware is likely of being followed up by numerous offspring, all readers should take that lesson to heart.
Use SpyHunter to Detect and Remove PC Threats
If you are concerned that malware or PC threats similar to PrOtOnIs Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.
Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.