The Turkish Ransomware (that also may be encountered as the FileEncryptor Ransomware or the Turkish FileEncryptor Ransomware) is a cyber threat that is likely to be the product of Turkish hackers. The first notable thing about the Turkish Ransomware is that it does not use any language apart from Turkish so that it is likely that most users affected by this threat will be residents of Turkey. However, there’s no way to guarantee that the Turkish Ransomware will not reach the computers of users from other countries, and that’s why the Turkish Ransomware should be considered a global threat that must be stopped by using the correct security measures and safe browsing tips.
The Turkish Ransomware borrows some images used by the famous CTB-Locker (Critoni) Ransomware, but there’s nothing in common between these two threats – they are coded in programming languages entirely different. When the Turkish Ransomware attacks a computer, it encrypts a long list of files including documents, images, databases, archives, presentations, spreadsheets, music, etc. In addition to this, the Turkish Ransomware also will mark the encrypted files by renaming them and including the ‘.encrypted’ extension to the end of their name (e.g. ‘invoice.xlsx’ will be changed to ‘invoice.xlsx.encrypted’). When the encryption is complete, the Turkish Ransomware spawns a new window that contains the Turkish ransom note. In addition to this, the threat also drops a text-based ransom note in the file ‘Beni Oku.txt’ (Turkish for ‘Read Me.txt’). The attacker demands a payment of $150, which must be completed via Bitcoins. In addition to this, victims also will find the e-mail address [email protected], which should be contacted when the transaction is complete.
Although the Turkish Ransomware’s author does not demand much money, it is not a good idea to pay the ransom sum. Ransomware operators are anonymous cyber crooks, and there’s nothing to stop them from taking your money and leaving you with a large number of inaccessible files. Unfortunately, there’s no known way to recover the files locked by Turkish Ransomware for free, so the best victims of this crypto-Trojan can do, is to run an anti-malware tool that will remove the threatening program from their computers.