The [email protected] Ransomware is a variant of the Everbe 2.0 Ransomware, and it does not appear to feature any improvements regarding functionality. The only changes that the operators have applied is to use a different extension to mark the encrypted files, as well as to supply a modified ransom note, which contains contact details, the victim’s ID, and an offer to decrypt three files free of charge. It is not unusual for ransomware authors to offer free decryption for a few files since they consider this as an easy way to convince their victims that they can get all of their files back by agreeing to pay a ransom sum. It is strongly advised to take advantage of the free decryption that the cybercriminals offer; however, sending them money is a significant risk, and it would not be a surprise if you end up being tricked.

The [email protected] Ransomware is likely to be distributed with the help of spam e-mails, as well as via attacks on unsecured remote desktop software and services. The spam e-mail techniques that cybercriminals use are usually very diverse, but they have some things in common – the end-goal is to convince the recipient to download a file attachment, which is a corrupted file meant to either launch the [email protected] Ransomware or execute a script that will download and deploy the threatening program. When the [email protected] Ransomware is launched successfully, it may begin the file-encryption process immediately. Usually, this stage of the attack takes just a couple of minutes, and the victim is unlikely to detect anything out of the ordinary after that time. When the file-encryption attack is complete, the [email protected] Ransomware will create the ransom note ‘!_HOW_RECOVERY_FILES_!.txt,’ which explains the situation to the victim. According to the instructions of the cybercriminals behind the attack, the victims will need to pay a hefty ransom fee if they want to access their data again. As we mentioned above, they also offer to decrypt a few files for free – just contact [email protected] or [email protected] and follow the instructions in the ransom note. Don’t forget that even if they complete the task, you should not agree to send them money.

Unfortunately, the victims of the [email protected] Ransomware might not be able to recover from the attack fully, unless they have a recent backup of their data. If a backup is not available, then the victims might have a chance to undo some of the damage by using 3rd-party file restoration software suites. However, these applications are not guaranteed to deliver excellent results, but they might be able to recover at least a fraction of the encrypted files. Don’t forget that the corrupted files of the [email protected] Ransomware should be removed from your computer immediately, and the best way to do this is to use a reputable anti-virus scanner.
[template:aliases][template:removal][template:technical_title][template:files][template:registry][template:additional]