Roldat Ransomware

The STOP Ransomware continues to serve as inspiration for cybercriminals who want to extort their victims for money after they are done encrypting their files. The latest file-locker based on his project is the Roldat Ransomware, and having it on your computer is guaranteed to have bad results for your files – this ransomware is capable of encrypting a broad range of file formats, therefore making it impossible to access or recover their contents.

All files that the Roldat Ransomware locks will have their extension modified to ‘.roldat’ – for example, the file ‘image.png’ would be named ‘image.png.roldat’ after the attack is complete. Of course, the authors of the Roldat Ransomware want to make money out of this operation, and this is why all attacks are finished by dropping the ransom note ‘_readme.txt.’ This file tells victims to message gorentos@bitmessage.ch for file recovery instructions, and it also warns them that they will need to agree to pay a ransom fee if they want to be able to use their files again. However, there is no evidence that the attackers possess a decryptor, so you should certainly not agree to send them any money.

Sadly, recovering from the attack can be a challenging task that may often end up being impossible to complete. The only guaranteed way to undo the damage done by the Roldat Ransomware is to restore the locked files from a reserve copy. If you do not possess a backup copy of your files, then you might need to resort to alternative data recovery options that may not always yield satisfying results. Do not forget that before you try getting any of your files back, you should make sure to eliminate the file-locker files with the use of a reliable anti-malware scanner.