The Encrypt Ransomware is a cyber threat, which has already managed to lock the files of victims who reside in various countries around the world. This is likely to mean that the authors of the EnCrypt Ransomware are not targeting a specific audience and, instead, their threat distribution campaign may reach users across the world. The bad news is that the EnCrypt Ransomware appears to be rather secure, and we are yet to hear whether it would be possible to break the EnCrypt Ransomware’s encryption to reverse the damage done to the files of its victims.
The exact propagation methods used to spread the EnCrypt Ransomware are not yet known, but it is likely that the cyber crooks behind this file-encryption Trojan are relying on more than one method to distribute their harmful program. Naturally, corrupted e-mail attachments are the number one suspect when it comes to spreading ransomware, but it also is possible to find the EnCrypt Ransomware’s disguised executable in fake downloads, torrent trackers, and other websites associated with dubious or pirated content. Unfortunately, the EnCrypt Ransomware is just one of hundreds of ransomware threats that are lurking on the World Wide Web, and that’s why we advise our readers always to use a credible and up-to-date anti-malware software suite, which can keep them safe during their Web browsing sessions.
Users who don’t have anti-virus protection in place might end up having their computers infected by the EnCrypt Ransomware and, unfortunately, this will result in the loss of hundreds if not thousands of files stored on their computers. Just like typical crypto-threats, this threat also works by encrypting the contents of photos, documents, archives, videos, songs and other files. After encrypting all suitable file formats, the EnCrypt Ransomware proceeds to leave a ransom note, which tells victims that their data has been taken as a hostage and recovering it would cost them some money. In the case of the EnCrypt Ransomware, the perpetrators ask for a ransom sum of $50, but they note that the transaction must be completed via Bitcoins. This is why their ransom note (found in the file ‘READ_THIS_FILE.txt’ includes detailed directions on how to register a Bitcoin wallet, exchange money for BTC, and then complete the transaction. The attackers promise victims that they will be able to decrypt their files as soon as they pay the ransom sum and visit a TOR-based Web page where they must enter their victim ID (found in ‘READ_THIS_FILE.txt’), e-mail address, and the Bitcoin address they sent the money from.
Although the price is not that high, we advise victims of the EnCrypt Ransomware to consider looking for alternative file recovery methods that don’t require them to send money to anonymous cyber crooks. One of the traits of the EnCrypt Ransomware’s attack is the way it modifies the names of the locked files – they will have the ‘.en’ extension appended to the original file extension. For example, the locked version of ‘vacation.jpg’ will be ‘vaction.jpg.en.’ The recommended thing to do when dealing with the EnCrypt Ransomware or other files lockers is to eliminate the intruder by using a credible anti-virus scanner immediately. After the threat has been removed safely, you should backup the encrypted data, and then attempt to recover it via 3rd-party file restoration methods and tools.
[template:aliases][template:removal][template:technical_title][template:files][template:registry][template:additional]
