'.[volcano666@tutanota.de].volcano File Extension' Ransomware

The '.[volcano666@tutanota.de].volcano File Extension' Ransomware is a Trojan that can use encryption for locking your files and stopping them from opening. Although this damage isn't permanent necessarily, the threat actor demands a ransom for giving you access to his decryption solution. Users can save their files with backups or free decryption tools, and anti-malware products should protect your computer by blocking and removing the '.[volcano666@tutanota.de].volcano File Extension' Ransomware.

Cybercrooks Dabbling in Insanity

Threat actors are deploying what seems likely of being a new variant of the InsaneCrypt Ransomware, with only updates to the contact information being new to the Trojan. Besides the changes to its ransoming instructions, the '.[volcano666@tutanota.de].volcano File Extension' Ransomware also includes the old program's functional, but non-secure, encryption, which it uses for locking the user's files. Formats most at risk from the '.[volcano666@tutanota.de].volcano File Extension' Ransomware infections include recreational and work-based media, and, particularly, any Microsoft Office files.

The '.[volcano666@tutanota.de].volcano File Extension' Ransomware could be infecting most PCs running modern versions of Windows through exploits including, but not limited to, e-mail attachments, website scripts, and 'brute-force' attacks against the user's login credentials. This Trojan possesses two variants: one for 32-bit Windows PCs and another for 64-bit systems. Any system lacking anti-malware protection for disabling the '.[volcano666@tutanota.de].volcano File Extension' Ransomware is vulnerable to its encryption feature, which scans for and encrypts different formats of files, such as pictures, spreadsheets, documents or slideshows.

Just like InsaneCrypt Ransomware, the '.[volcano666@tutanota.de].volcano File Extension' Ransomware also creates a text file for telling the users how to pay its ransom for unlocking their media. The minor typos and other formatting details of the old Trojan are intact in the '.[volcano666@tutanota.de].volcano File Extension' Ransomware's version, although the cybercrooks sometimes collect the notes of separate campaigns and may obscure the identity of a Trojan deliberately.

Getting a Software Volcano to Cool Off

Since the '.[volcano666@tutanota.de].volcano File Extension' Ransomware is a likely derivative of a GitHub project, its source code is available to virtually anyone, and malware researchers aren't able to confirm the identity of its threat actors. There is a decryption program for free downloading that's compatible with the InsaneCrypt Ransomware (as well as its ancestor, DesuCrypt), but this application may require updating for the new release. Contact an anti-malware researcher familiar with file-locking threats for any other help you require, and never decrypt the only copy of a file unless you're sure of its success.

Scanning possibly unsafe downloads, such as e-mail attachments, disabling exploitable content, like scripts, and staying abreast of prominent tactics (such as fake delivery alerts) are all useful for blocking this Trojan at its delivery stage. Although traditional cyber-security products don't offer decryption services, they can delete the '.[volcano666@tutanota.de].volcano File Extension' Ransomware and keep its attacks from happening. Since there is a risk of ongoing data loss from any infection with an encryption-oriented payload, malware experts don't recommend deleting this threat manually.

The '.[volcano666@tutanota.de].volcano File Extension' Ransomware is a branch sprouting off of a tree that's free to the public for access. The average computer owner should be grateful that not many threat actors are taking GitHub up on its offer of free, albeit non-secure, Trojans.