Home Malware Programs Ransomware '.[volcano666@tutanota.de].volcano File Extension' Ransomware

'.[volcano666@tutanota.de].volcano File Extension' Ransomware

Posted: March 14, 2018

The '.[volcano666@tutanota.de].volcano File Extension' Ransomware is a Trojan that can use encryption for locking your files and stopping them from opening. Although this damage isn't permanent necessarily, the threat actor demands a ransom for giving you access to his decryption solution. Users can save their files with backups or free decryption tools, and anti-malware products should protect your computer by blocking and removing the '.[volcano666@tutanota.de].volcano File Extension' Ransomware.

Cybercrooks Dabbling in Insanity

Threat actors are deploying what seems likely of being a new variant of the InsaneCrypt Ransomware, with only updates to the contact information being new to the Trojan. Besides the changes to its ransoming instructions, the '.[volcano666@tutanota.de].volcano File Extension' Ransomware also includes the old program's functional, but non-secure, encryption, which it uses for locking the user's files. Formats most at risk from the '.[volcano666@tutanota.de].volcano File Extension' Ransomware infections include recreational and work-based media, and, particularly, any Microsoft Office files.

The '.[volcano666@tutanota.de].volcano File Extension' Ransomware could be infecting most PCs running modern versions of Windows through exploits including, but not limited to, e-mail attachments, website scripts, and 'brute-force' attacks against the user's login credentials. This Trojan possesses two variants: one for 32-bit Windows PCs and another for 64-bit systems. Any system lacking anti-malware protection for disabling the '.[volcano666@tutanota.de].volcano File Extension' Ransomware is vulnerable to its encryption feature, which scans for and encrypts different formats of files, such as pictures, spreadsheets, documents or slideshows.

Just like InsaneCrypt Ransomware, the '.[volcano666@tutanota.de].volcano File Extension' Ransomware also creates a text file for telling the users how to pay its ransom for unlocking their media. The minor typos and other formatting details of the old Trojan are intact in the '.[volcano666@tutanota.de].volcano File Extension' Ransomware's version, although the cybercrooks sometimes collect the notes of separate campaigns and may obscure the identity of a Trojan deliberately.

Getting a Software Volcano to Cool Off

Since the '.[volcano666@tutanota.de].volcano File Extension' Ransomware is a likely derivative of a GitHub project, its source code is available to virtually anyone, and malware researchers aren't able to confirm the identity of its threat actors. There is a decryption program for free downloading that's compatible with the InsaneCrypt Ransomware (as well as its ancestor, DesuCrypt), but this application may require updating for the new release. Contact an anti-malware researcher familiar with file-locking threats for any other help you require, and never decrypt the only copy of a file unless you're sure of its success.

Scanning possibly unsafe downloads, such as e-mail attachments, disabling exploitable content, like scripts, and staying abreast of prominent tactics (such as fake delivery alerts) are all useful for blocking this Trojan at its delivery stage. Although traditional cyber-security products don't offer decryption services, they can delete the '.[volcano666@tutanota.de].volcano File Extension' Ransomware and keep its attacks from happening. Since there is a risk of ongoing data loss from any infection with an encryption-oriented payload, malware experts don't recommend deleting this threat manually.

The '.[volcano666@tutanota.de].volcano File Extension' Ransomware is a branch sprouting off of a tree that's free to the public for access. The average computer owner should be grateful that not many threat actors are taking GitHub up on its offer of free, albeit non-secure, Trojans.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to '.[volcano666@tutanota.de].volcano File Extension' Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria .

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.