Wesker Ransomware

The Wesker Ransomware is a relatively new file-encryption Trojan that does not appear to be spread widely but has already managed to reach computers in several countries in different parts of the world. Unfortunately, encountering the Wesker Ransomware is likely to have bad consequences for you since this file-locker is able to render the contents of your files inaccessible swiftly – it is capable of encrypting documents, images, videos, archives, databases and many other file formats. Unlike other file-lockers, it does not append a custom extension to the names of locked files so that victims might need to check which of their files are now inaccessible manually.

Of course, the perpetrators are using this ransomware to make money, and this is why their attacks are accompanied by a ransom note, which explains the situation to the victims and tells them what they need to do if they want to get their files back. The Wesker Ransomware uses the file ‘!!!INSTRUCTION_RNSMW!!!.txt’ to supply contact and payment details. The attackers appear to use a TOR-hosted payment portal, as well as a Telegram profile for contact. A visit to the payment page reveals that instead of using Bitcoin, the Wesker Ransomware’s authors have opted to use the DASH cryptocurrency.

Sadly, there is no proof that the authors of the Wesker Ransomware are capable of decrypting your files so that we would not advise you to trust them. Do not forget that the anonymous crooks behind the attack have already taken your files away from you, and there is a significant chance that they may use the same strategy if you opt to pay them. Unfortunately, no one can assure that you will get your files back after they have been locked up by the Wesker Ransomware. You can eradicate the threat with the use of an anti-malware scanner definitely, but after this, you may need to resort to alternative data recovery options whose success rate may be far from excellent.