
'tedmundboardus@aol.com' Ransomware

Posted: April 15, 2019

The cybersecurity community has detected a new ransomware threat called the 'tedmundboardus@aol.com' Ransomware. Analysis of its code shows that the 'tedmundboardus@aol.com' Ransomware appears to be a new variant of the Phobos Ransomware, malware that was released back in October 2017. Another Phobos variant, the 'Job2019@tutanota.com' Ransomware, was caught in the wild earlier this year, in January.

The 'tedmundboardus@aol.com' Ransomware operates as typical data-encryption malware. It most likely attempts to enter the computers of unsuspecting users through spam emails with corrupted attachments. Once it has been downloaded onto the system successfully, it starts encrypting the most popular user-created files with a strong encryption algorithm. Each affected file gets a new extension, '.phobos!', added to the end of its file name. The cybercriminals' instructions for the ransom payment and contact methods are contained in a text file created by the ransomware, named either 'info.txt' or 'info.hta'. Victims of this ransomware are given two email addresses for contacting the cybercriminals: 'tedmundboardus@aol.com' and 'tylecotebenji@aol.com'.

The content of the ransom note is:

'All your files have been encrypted!
All your files have been encrypted due to a security problem with your PC. If you want to restore them write to us to the email tedmundboardus@aol.com
Write this ID in the tile of your message:
In case of no answer in 24 hours write us to this email tylecotebenji@aol.com
If there is no response from our email, you can install the Jabber client and write to us in support of phobos_helper.xmpp.jp
You have to pay for decryption in Bitcoins. The price depends on how fast you write to us. After payment we will send you the decryption tool that will decrypt all your files.'

Victims of the 'tedmundboardus@aol.com' Ransomware should clean their compromised computers with legitimate anti-malware software and attempt to restore their data from a backup. If no such backup is available, it is advised to store the encrypted files and wait for a potential decryption tool to be created.
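To scope a restore from backup, it helps to inventory what was affected. The following is an added example, not part of the original write-up: it walks a directory tree for the '.phobos!' extension and for 'info.txt' / 'info.hta' files that actually contain one of the two contact addresses, so a benign file with the same name is not flagged. The function names and the sample tree are hypothetical and constructed for illustration.

```python
import os
import tempfile

# Indicators as written in the write-up above.
ENCRYPTED_SUFFIX = ".phobos!"
NOTE_NAMES = {"info.txt", "info.hta"}
CONTACTS = (b"tedmundboardus@aol.com", b"tylecotebenji@aol.com")

def mentions_contact(path, limit=64 * 1024):
    """True if the first `limit` bytes of the file contain a listed contact address."""
    try:
        with open(path, "rb") as fh:
            head = fh.read(limit)
    except OSError:
        return False  # unreadable file: skip it rather than abort the sweep
    # Notes may be UTF-16; dropping NUL bytes lets the ASCII match still work.
    head = head.replace(b"\x00", b"").lower()
    return any(c in head for c in CONTACTS)

def triage(root):
    """Return (encrypted_files, ransom_notes) found under root, as sorted lists."""
    encrypted, notes = [], []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if name.lower().endswith(ENCRYPTED_SUFFIX):
                encrypted.append(path)
            elif name.lower() in NOTE_NAMES and mentions_contact(path):
                notes.append(path)
    return sorted(encrypted), sorted(notes)

def build_sample(root):
    """Constructed sample tree (not real victim data) used to exercise triage()."""
    files = {
        "docs/report.docx.phobos!": b"\x00\x01constructed ciphertext",
        "docs/info.txt": b"write to us to the email tedmundboardus@aol.com",
        "docs/info.hta": "<html>tylecotebenji@aol.com</html>".encode("utf-16-le"),
        "app/info.txt": b"Version 1.2 release notes",  # benign file, same name
        "docs/todo.txt": b"untouched file",
    }
    for rel, data in files.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        enc, notes = triage(tmp)
        print(len(enc), "encrypted file(s);", len(notes), "ransom note(s)")
```

Run it read-only against a mounted copy or image of the affected disk, so that the encrypted files kept for a possible future decryption tool are not modified.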
