The 'firstname.lastname@example.org' Ransomware is a member of the RotorCrypt Ransomware family of file-locking Trojans. The 'email@example.com' Ransomware can harm your PC's text documents, images, and other media by locking them with the RSA encryption. The users should ignore the ransoming demands for the threat actor's unlocker, as long as they have any untested alternatives, such as freeware decryptors or backups, and may delete the 'firstname.lastname@example.org' Ransomware safely with any good anti-malware program.
Spinning Up the Rotor for Another Trojan's Delivery
The RotorCrypt Ransomware isn't one of the larger families of mercenary-inclined, file-locker Trojans, and competes with the success of the Crysis Ransomware or the Scarab Ransomware minimally. Some threat actors, however, are finding some value in its attacks, and malware experts see another version of it that's almost ready for distribution. The 'email@example.com' Ransomware's payload is nearly complete – except for a ransom note.
This small family doesn't use any graphically-advanced components, such as pop-ups or changing the wallpaper. It runs a secure encryption routine that uses an RSA algorithm for blocking media like documents and other, critical work or files. Since most versions add e-mail addresses onto the filenames, as well, an associated ransom message isn't always present, but malware experts do confirm a 'placeholder' one with the 'firstname.lastname@example.org' Ransomware.
The 'email@example.com' Ransomware drops a 'readme' Notepad file without any serious information; in fact, the extension that it adds to the files' names is more informative than the message. Future alterations by the threat actor could insert Bitcoin wallet addresses or other payment directives for a decryptor that they may or may not provide. No other updates are verifiable with the 'firstname.lastname@example.org' Ransomware, although malware experts do warn that its encryption is working and can block data across various directories.
Jamming RotorCrypt Ransomware's Latest Operations
The 'email@example.com' Ransomware bears little differentiation from fellow members of its family, which range from the '!@#$%^&-()_+.1C File Extension' Ransomware to the slightly-older 'firstname.lastname@example.org' Ransomware, the Patagonia92@tutanota.com Ransomware and the Panama1@tutamail.com Ransomware. In all cases, the users can protect their media files by saving backups on other devices. There are no free decryption solutions that are compatible with the family and, unfortunately, aren't likely in the future.
As humble as the RotorCrypt Ransomware family might be, its encryption attacks are no joke. Users thinking they can get away with ignoring backups may end up being extorted by the 'email@example.com' Ransomware's new campaign for a price that's open to speculation.
Use SpyHunter to Detect and Remove PC Threats
If you are concerned that malware or PC threats similar to firstname.lastname@example.org' Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.
Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.