Radamant Ransomware Description
The Radamant Ransomware is a file-encrypting Trojan that makes your files unreadable and demands a ransom for their safe return. While such attacks are hardly unique, malware experts have since verified that the Radamant Ransomware performs genuine encryption rather than faking the appearance of such attacks, and may also take further steps, such as deleting any local backup data. Recovering data lost to these infections currently relies heavily on remote backup strategies; meanwhile, removing the Radamant Ransomware is recommended only with help from your onboard anti-malware products.
The Latest Face of Threats on Facebook
Because so much of an attack depends on the appearance of a threat, not all types of ransomware follow through on their supposed encryption of your files. Unfortunately, even simple forms of encryption may be relatively difficult to crack, and many threat authors put in the effort for the sake of increased profitability. The Radamant Ransomware is a new case of a file-encrypting Trojan that follows up on its attacks with genuine AES-256 encryption. As a result, all files targeted and modified by the Radamant Ransomware are no longer readable.
While the Radamant Ransomware is new, malware researchers have seen early evidence of the Radamant Ransomware's admin using social networking tactics to install this threat. Platforms like Facebook and Twitter may host obfuscated Web links including redirects to the Radamant Ransomware installers, which are likely to disguise themselves as another kind of content, such as a Windows update. Some personal Web domains also have been linked to the Radamant Ransomware: crazytrevor.in and crazytrevor.com, although both of these sites are serving as Command & Control administrative servers, rather than distribution hotspots.
After attacking your files, the Radamant Ransomware places an HTML file containing its ransom instructions on your desktop. As usual, the Radamant Ransomware prefers Bitcoin payments, with the current ransom demands staying slightly over 200 USD.
Dimming the Lights on a Not-So-Radiant Ransomware Campaign
The Radamant Ransomware scans for an extremely wide range of file formats, from image files to text documents to spreadsheets, and other file types too numerous to list in full here. Files affected by the Radamant Ransomware's encryption may be identified by their changed extension, which has '.RDM' appended. Note that some gaming applications (primarily Ragdoll Soft products) use the RDM file type by default and are unrelated to the Radamant Ransomware attacks.
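A triage sketch for the extension check described above, added here as an example and not taken from the original page or any vendor tool: it separates names with '.RDM' appended to a known document extension from bare '.rdm' files that may belong to unrelated applications. The extension list, function names and sample file names are assumptions.

```python
import os
import tempfile
from pathlib import Path

# Assumption: sample target extensions; the page does not give the full list.
INNER_EXTS = {".jpg", ".png", ".txt", ".doc", ".docx", ".xls", ".xlsx", ".pdf"}
MARKER = ".rdm"  # the page reports an appended '.RDM' extension


def classify(name):
    """'appended' for name.ext.RDM, 'bare' for name.RDM, None otherwise."""
    p = Path(name)
    if p.suffix.lower() != MARKER:
        return None
    inner = Path(p.stem).suffix.lower()
    return "appended" if inner in INNER_EXTS else "bare"


def triage(root):
    """Walk root and group .RDM file names by directory and class."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in sorted(files):
            kind = classify(name)
            if kind:
                entry = report.setdefault(dirpath, {"appended": [], "bare": []})
                entry[kind].append(name)
    return report


def summarize(report):
    """Total likely-encrypted files versus .RDM files needing manual review."""
    count = lambda k: sum(len(e[k]) for e in report.values())
    return {"likely_encrypted": count("appended"), "review": count("bare")}


def demo():
    """Run the triage over a constructed sample tree (file names are made up)."""
    with tempfile.TemporaryDirectory() as root:
        for rel in ("Documents/budget.xlsx.RDM", "Documents/photo.JPG.rdm",
                    "Documents/notes.txt", "Games/level1.rdm"):
            path = Path(root, rel)
            path.parent.mkdir(parents=True, exist_ok=True)
            path.touch()
        return summarize(triage(root))


if __name__ == "__main__":
    print(demo())
```

Files reported under "review" carry only the RDM extension and need a manual look before being treated as encrypted data.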
The Radamant Ransomware also deletes your local Shadow Volume Copies data, which its victims could otherwise have used to restore their files. Instead of depending on local backups or paying the Radamant Ransomware's ransom, malware experts recommend keeping multiple backups in safe locations, such as on a cloud server or a removable hard drive. Other PC security entities have also made positive statements on the potential development of decryption utilities for the Radamant Ransomware, which will be made public for free.
Guarding your computer against threat intrusions by watching which links you click is much simpler than undoing the aftereffects of any file encryptor. For PC users for whom it is already too late to protect their data, deleting the Radamant Ransomware should always be done with anti-malware programs able to detect all other threats and system changes that could be associated with this threat.
File System Modifications
The following files were created in the system:
%APPDATA%26e8403a.exe
File name: 26e8403a.exe
Size: 110.4 KB (110407 bytes)
Detection count: 20
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: March 4, 2016