The Delphimorix Ransomware file-locker has been active for just a few weeks, but it has already managed to infect several victims who have reported slightly different symptoms – it appears that the Delphimorix Ransomware uses the same file-encryption algorithm, but it may sometimes append a different extension to the names of the locked files. Several victims reported that their files were renamed to include a random combination of numbers, while others have noticed the extension ‘[email protected]@@@[email protected]@[email protected][email protected]@@[email protected][email protected][email protected]@@’ among their files. However, there is one recurrent thing between all attacks that should make the Delphimorix Ransomware easy to identify – it always leaves the ransom message ‘delphimorix_ransom_note.txt’ on the user’s desktop.
The ransom message contains the demands of the attackers, and they are rather surprising. Ransomware operators usually demand a somewhat sensible payment in exchange for their decryption services, but the authors of the Delphimorix Ransomware have set the price to 101 Bitcoin – something that no one would ever agree to pay. It is likely that this part of the message might be a joke, but unfortunately, the rest of the attack is not, and the Delphimorix Ransomware is capable of leaving its victims with thousands of encrypted files.
The ransom note also features the attackers’ email address, which can be used to get in touch with them – [email protected] However, we do not suggest trying to get in touch with the Delphimorix Ransomware’s authors since they are unlikely to be willing to provide you with help for free.
After all this bad news, there is something positive – malware researchers suspect that the Delphimorix Ransomware is decryptable so that there is a significant chance that a free decryptor might be released in the future. However, for now, it is impossible to undo the damage that the Delphimorix Ransomware causes unless you have a backup copy of your damaged files. Since contacting the attackers is not an option, the victims of the Delphimorix Ransomware should use a suitable anti-malware application to scan their computer and eliminate the file-encryption Trojan’s files immediately. When this is done, it is recommended to preserve all locked files, and check the cyber security news for the availability of a decryptor regularly.