Suspended Ransomware
The Suspended Ransomware is a slightly modified version of the STOP Ransomware, and it has already managed to infect at least a couple of victims in different regions of the world. One of the easiest ways to identify the Suspended Ransomware’s attack is to take a look at the names of your files – if they have been renamed to include the ‘.SUSPENDED’ extension, then you files have been taken over by the Suspended Ransomware. Unfortunately, recovering from this situation is not an easy task since this file-encryption Trojan uses a strong file-encryption algorithm to ensure that you will not be able to access your data unless the attackers help you recover it.
After the Suspended Ransomware completes the attack, it drops a ransom note called ‘!!!RestoreProcess!!!.txt’ that the victim may be asked to open. The contents of the file reveal that the attackers use the emails suspendedfiles@india.com and suspendedfiles@bitmessage.ch for contact. In addition to this, they reveal that their decryption services are not free, and victims must agree to pay a substantial ransom fee if they wish to be able to access their files again.
To nobody’s surprise, the authors of the Suspended Ransomware say that the only payment method they work with is Bitcoin – a cryptocurrency that guarantees the anonymity of the parties involved in the transaction and prevents the sender from canceling or reversing the money transfer. Naturally, we would not advise you to agree to send money to the criminals behind this project due to several reasons:
- They are anonymous cybercriminals who may not fulfill their part of the deal.
- You receive no guarantee that they can decrypt your files, or you were to receive the decryptor you were promised.
- All ransom payments that the authors of the Suspended Ransomware receive may be used to fund their future malware projects.
The advice to users whose files were taken hostage by the Suspended Ransomware is to ignore the ransom note provided by the file-locker. Cooperating with the attackers will not get you anywhere, and you should opt to rely on legitimate software to help you recover. The first step towards recovery is to use an up-to-date anti-virus program to dispose of the Suspended Ransomware’s files. After this step is complete, you should attempt to restore your files from a backup if you have one available, or you can turn to alternative data recovery software suites.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.