
Reycarnasi1983@protonmail.com Ransomware

Posted: June 12, 2018

The Reycarnasi1983@protonmail.com Ransomware is a file-locking Trojan that encrypts your files and holds them captive until you pay for its decryptor. Because the Reycarnasi1983@protonmail.com Ransomware is a variant of the B2DR Ransomware, it has no public decryption solution, and users should recover from backups, if possible. Most anti-malware applications should also delete the Reycarnasi1983@protonmail.com Ransomware without allowing any harm to your local files.

A March's Trojan Comes Back for More (of Your Media)

The file-ransoming industry is full of families of Trojans with minor variations on each other, many of which include no changes any greater than swapping out e-mail addresses or C&C server credentials. Despite that, malware analysts have no choice but to add another family to the databases, courtesy of the Reycarnasi1983@protonmail.com Ransomware. This variant of March 2018's B2DR Ransomware uses similar, encryption-based attacks against data for making money.

Although its infection strategies remain uncertain, the Reycarnasi1983@protonmail.com Ransomware could be attacking new PCs via spam e-mail, Remote Desktop Protocol (RDP) vulnerabilities, or brute-force password-cracking software. Malware experts confirm that the Reycarnasi1983@protonmail.com Ransomware is already in some level of circulation. If security protocols don't block the threat automatically, it searches for a range of media types, including files of multi-gigabyte sizes, and locks them with AES encryption.

The threat actors are also providing a minor variant of the B2DR Ransomware's original note under the new name of 'ScrewYou.txt.' Malware experts ordinarily recommend against following any ransoming instructions, but the offer of free samples of the decryptor's output does provide a limited data recovery option for any victims. There is no public decryption application for the B2DR Ransomware, which makes the Reycarnasi1983@protonmail.com Ransomware capable of locking your files permanently.

Shutting Down the Line of Profit for a Trojan's Update

The Reycarnasi1983@protonmail.com Ransomware's campaign, like that of its ancestor, may target vulnerable server owners, business networks, government systems, or even NGOs. Almost all attacks of this nature use one of two infection methods:

  • E-mail attachments may distribute the Reycarnasi1983@protonmail.com Ransomware's executable directly, or conceal a Trojan dropper or Trojan downloader for it inside of another file, such as a corrupted document.
  • Networks with non-secure passwords (defaults, short strings with limited character variation, etc.) are at risk of suffering from so-called 'brute force' attacks. After brute-forcing the login combination, a criminal can opt to install and run other software, usually with RDP features.
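To spot the second infection method from the defender's side, the added example below (not part of the original article) flags a source address that produces a burst of failed remote logons and then a successful one. The CSV layout, the threshold, the window and the function name are assumptions for illustration; 4625 and 4624 are the standard Windows Security event IDs for failed and successful logons.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample export: "timestamp,event_id,logon_type,source_ip,account".
# 4625 = failed logon, 4624 = successful logon; type 10 = RemoteInteractive (RDP),
# type 3 = network logon (how RDP failures commonly appear with NLA enabled).
SAMPLE_LOG = """\
2018-06-10T02:14:01,4625,3,203.0.113.50,administrator
2018-06-10T02:14:03,4625,3,203.0.113.50,admin
2018-06-10T02:14:05,4625,3,203.0.113.50,administrator
2018-06-10T02:14:08,4625,3,203.0.113.50,backup
2018-06-10T02:14:11,4625,3,203.0.113.50,administrator
2018-06-10T02:14:15,4624,10,203.0.113.50,administrator
2018-06-10T08:59:40,4625,10,198.51.100.7,jsmith
2018-06-10T09:00:02,4624,10,198.51.100.7,jsmith
"""

REMOTE_TYPES = {"3", "10"}

def find_bruteforce(log_text, threshold=5, window=timedelta(minutes=5)):
    """Return findings for sources with >= threshold failures inside window.

    Each finding is (source_ip, status, account), where status is
    'failures_only' or 'success_after_failures'.
    """
    failures = defaultdict(deque)   # source_ip -> recent failure times
    findings = {}
    for line in log_text.strip().splitlines():
        ts, event_id, logon_type, ip, account = line.split(",")
        if logon_type not in REMOTE_TYPES:
            continue
        when = datetime.fromisoformat(ts)
        recent = failures[ip]
        # Drop failures that fell out of the sliding window.
        while recent and when - recent[0] > window:
            recent.popleft()
        if event_id == "4625":
            recent.append(when)
            if len(recent) >= threshold:
                findings.setdefault(ip, (ip, "failures_only", None))
        elif event_id == "4624" and len(recent) >= threshold:
            # A success right after a failure burst is the high-priority case.
            findings[ip] = (ip, "success_after_failures", account)
    return sorted(findings.values())

if __name__ == "__main__":
    for finding in find_bruteforce(SAMPLE_LOG):
        print(finding)
```

A single mistyped password followed by a success, as in the last two sample lines, stays below the threshold and is not reported.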

File-locking Trojans using unbreakable encryption methods aren't uncommon in the wild, and malware experts advise keeping backups for protecting your files from them. Portable devices, cloud services, and additional PCs without lax network accessibility features can give a victim a way of recovering any locked media. If removing the Reycarnasi1983@protonmail.com Ransomware is necessary, victims should run an appropriate anti-malware product, especially one that already accurately detects the B2DR Ransomware as a threat.

The Reycarnasi1983@protonmail.com Ransomware is one of an epidemic of cases of threat actors recycling old assets for re-launching their file-ransoming campaigns. Unlike most instances, however, the fact that it uses such a little-known source may mean that the future will hold more 'patches' for the B2DR Ransomware.
