'Yourencrypter@protonmail.ch' Ransomware

Posted: August 6, 2018

'Yourencrypter@protonmail.ch' Ransomware Description

The 'Yourencrypter@protonmail.ch' Ransomware is a variant of the Paradise Ransomware, a RaaS or Ransomware-as-a-Service family of file-locker Trojans. Infections may prevent you from opening different file types, documents, and other media particularly, create text ransom notes and change your desktop's background. All users affected by this threat should have their anti-malware program uninstall the 'Yourencrypter@protonmail.ch' Ransomware before using the data recovery solutions in this article.

Falling Back into a Crook's Paradise

Threat actors are testing a new version of the 2017's Paradise Ransomware against threat databases, with the likelihood of planning additional, identity-obfuscating efforts for keeping their Trojan concealed from well-known security brands. Since malware analysts are seeing no present-day attacks involving this update, the 'Yourencrypter@protonmail.ch' Ransomware, its threat actors may be planning on giving it more patches before releasing it into the wild. However, like most RaaS products, its file-locking and ransoming routines are feature-complete.

The 'Yourencrypter@protonmail.ch' Ransomware uses RSA encryption as its means of 'locking' files of different formats not required by Windows for its basic stability, such as images, spreadsheets, documents or archives. In addition to this encrypting feature, which malware experts rated as being secure in the old versions of the Paradise Ransomware, the 'Yourencrypter@protonmail.ch' Ransomware also injects additional information (both a Base64 string and a separate number) into the file's internal data, which is new. The 'Yourencrypter@protonmail.ch' Ransomware's file-locking feature is slow relatively, but also offers no symptoms for helping the users identify it until after the media lockdown occurs.

As a final function, the 'Yourencrypter@protonmail.ch' Ransomware changes the desktop's background to a ransom warning and creates a text file with its in-depth ransoming instructions. The in-progress version of the 'Yourencrypter@protonmail.ch' Ransomware is at risk of being decrypted by free solutions, and malware experts advise contacting reputable security researchers for unlocking your files if you have no other options. Always keep spare copies of any media that you run through a decryptor in case the application corrupts the data.

Another Way of Dodging the Fee for Digital Paradise

Although the 'Yourencrypter@protonmail.ch' Ransomware is more compatible with decryption research than old members, it also is a work-in-progress that has yet to deploy itself against the public at large. A future the 'Yourencrypter@protonmail.ch' Ransomware campaign could include more protection than previously for its data-locking feature and not every version of the Paradise Ransomware is freely decryptable. As a precaution against such issues, malware experts recommend having backups that file-locker Trojans can't delete, encrypt, or corrupt, such as a cloud backup or a detachable USB.

The 'Yourencrypter@protonmail.ch' Ransomware's family also is notable for its distribution by using RDP exploits and brute-force attacks, which exploit risky passwords and login credentials. Using longer passwords, refraining from sharing them between multiple accounts, and avoiding default ones will keep brute-force attempts at compromising your PC from succeeding. Professional anti-malware programs also may delete the 'Yourencrypter@protonmail.ch' Ransomware during other installation attempts, such as via a document vulnerability, or disinfect the system afterward.

The 'Yourencrypter@protonmail.ch' Ransomware's is only its author's definition of 'paradise,' but couldn't make money without the help of those whom it harms. A high-quality backup and a little due diligence regarding your network's security can turn the 'Yourencrypter@protonmail.ch' Ransomware's ransom-collecting account into a hell, instead.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to 'Yourencrypter@protonmail.ch' Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Home Malware Programs Ransomware 'Yourencrypter@protonmail.ch' Ransomware

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.