Beware - There is a New Ransomware Variant Running Loose

What do you do if you get BitLocker ransomware?  Read on or Call Alvaka Networks at (949) 428-5001

I just read on BleepingComputer.com a new post about a variation of the CoinVault ransomware.  This one is called BitCryptor and unless you have a good backup it sounds like you will be paying the ransom if you are hit.

Here are some key characteristics:

This new ransomware will delete all shadow volume copies on your infected computers.  That is why it is so important to have a separate backup system that is isolated from your production systems. 

It will encrypt every file in a directory containing any pictures or backup strings.  In this regard it is much less selective and more damaging than CryptoLocker and CryptoDefense.

It will also encrypt a drive load of other files with extensions of  .odt, .ods,.odp, .odm, .odc, .odb, .doc, .docx, .docm, .wps, .xls, .xlsx, .xlsm, .xlsb, .xlk, .ppt, .pptx, .pptm, .mdb, .accdb, .pst, .dwg, .dxf, .dxg, .wpd, .rtf, .wb2, .mdf, .dbf, .psd, .pdd, .pdf, .eps, .ai, .indd, .cdr, .dng, .3fr, .arw, .srf, .sr2, .mp3, .bay, .crw, .cr2, .dcr, .kdc, .erf, .mef, .mrw, .nef, .nrw, .orf, .raf, .raw, .rwl, .rw2, .r3d, .ptx, .pef, .srw, .x3f, .der, .cer, .crt, .pem, .pfx, .p12, .p7b, .p7c, .jpg, .png, .jfif, .jpeg, .gif, .bmp, .exif, .txt, .tc, .mov, .mp4, .rar, .zip, .iso, .vsdx, .3ds, and .c4d  This is vastly more file types than the previous crypto ransomwares that have been “successful” in the past 24 months.

You can CLICK HERE to read the original post that I read.  There does not seem to be much other information available, yet.

If you are concerned about how to protect yourself from this type of Ransomware or need to know what to do if you are hit, you can check out this link: What Do I Do if I Get Ransomware?

Or you can call or write us at any time at info@alvaka.net

Call our 24-Hour Emergency Line at (949) 428-5001 or (877) NOC-NOC4 or (877) 662-6624