Home Malware Programs Ransomware Recognizer Ransomware

Recognizer Ransomware

Posted: April 5, 2019

The Recognizer ransomware is a relatively new threat that belongs to the Paradise Ransomware family of encryption ransomware. After encrypting most of the victim's files, they are left with the unusually long "_ _{file@p-security.li}.Recognizer" extension. An encrypted "example.jpg" would become "example.jpg_ _{file@p-security.li}.Recognizer." After it has managed to encrypt all your files, the Recognizer ransomware will create a ransom note named "Instructions with your files.txt" on your desktop. The instructions inform you that "All your files have been encrypted due to a security problem with your PC. If you want to restore them, write to us to the e-mail file@p-security.li."

The note continues to explain to the victims that they have to pay a ransom in the form of Bitcoin if they want to get their files back. The cybercrooks don't demand a specified amount of money, but rather tell you that the price depends on how fast you write to them. They try to ensure the victim that they are capable of decrypting the data by offering to decrypt up to 3 files that must not contain valuable data or exceed 1MB. The threat actors also warn that any attempts to rename or decrypt the files by yourself might end in permanent data loss. While they do not specify a price in the ransom note, reports indicate that it ranges from $500 to $1500. Paying them is strongly advised against, as cybercriminals tend to not keep their promises and disappear as soon as they have their money.

There are no decryption tools for the Recognizer ransomware currently. The only viable option is to have a backup of all your most valuable files either on remote servers or on unplugged storage devices, as any locally stored backups will be corrupted alongside regular data.

Loading...