Hey you,
BE IN THE KNOW!

35,000 ransomware infections per month and you still believe you are protected?

Sign up to receive:

  • alerts
  • news
  • free how-to-remove guides

of the newest online threats - directly to your inbox:


Remove CIA Special Agent 767 Ransomware and Unlock Your PC

Attention! This article will aid you to remove CIA Special Agent 767 ransomware efficiently and unlock your PC. Follow the ransomware removal instructions below carefully.

CIA Special Agent 767 is a new variant of M4N1F3STO ransomware. This virus will lock your desktop screen, instead of encrypting your files, as it is also a screenlocker. A ransom note is provided on that same lock screen. The ransom price that it demands as payment is 100 US dollars, initially. That price increases if five days pass without payment, but you should not worry as there is a way to unlock your computer.

Threat Summary

Name CIA Special Agent 767
Type Ransomware, Screenlocker
Short Description The ransomware will lock your screen and display a ransom message with instructions for payment.
Symptoms The ransomware will lock your desktop screen and demand an initial price of 100 US dollars, which price will start increasing after five days pass.
Distribution Method Spam Emails, Email Attachments
Detection Tool See If Your System Has Been Affected by CIA Special Agent 767

Download

Malware Removal Tool

User Experience Join Our Forum to Discuss CIA Special Agent 767.
Data Recovery Tool Windows Data Recovery by Stellar Phoenix Notice! This product scans your drive sectors to recover lost files and it may not recover 100% of the encrypted files, but only few of them, depending on the situation and whether or not you have reformatted your drive.

CIA Special Agent 767 Ransomware – Infection

CIA Special Agent 767 could infect in different ways. Typically, there is a payload file which executes a malicious script, and thus, your computer becomes infected.

The CIA Special Agent 767 ransomware could be distributing that payload file on social media networks and file-sharing services. Several legitimate applications might contain the malicious payload script. A lot of freeware and bundled applications can be presented as useful on the Web, but actually, contain the malicious script. Do not open files from suspicious sources like emails and links, specifically not right after you download them. Before opening, you should perform a scan with a security program and check their size and signatures for anything that seems out of place. You should read the tips for ransomware prevention from the forum topic.

CIA Special Agent 767 Ransomware – Detailed Description

The CIA Special Agent 767 virus is not a cryptovirus, and will therefore not encrypt your files. Despite that, it is still ransomware and features a lock screen. While your screen is locked, your computer machine will be inaccessible. The virus is actually a variant of the M4N1F3STO ransomware.

CIA Special Agent 767 ransomware could create entries in the Windows Registry to achieve persistence. Those registry entries are designed to make the virus launch automatically with every boot of the Windows operating system. So, this will result in the lockscreen always activating and blocking the access to your PC.

On the same lock screen, there is also a message being displayed. The message contains instructions and demands of the cybercriminals for unlocking your personal computer and states the ransom price. You can see that ransom message and the lock screen in the picture below:

The ransom note reads the following:

IMPORTANT! PLEASE READ!

Unfortunately the files on this computer (documents, photos, videos) have
been encrypter using an extremely secure and unbreakable algorithm. This
means that the files are now useless unless they are decrypted using a key.

The good news is that your files are not lost forever! This tool is able
to rescue the files on your computer for you!

BY PURCHASING A LICENSE FROM US, WE ARE ABLE TO RESCUE YOUR FILES 100% GUARANTEED
FOR EVERY LOW EARLY BIRD PRICE OF ONLY $100 USD!* In 5 days however, the price of this service
will increase to $250 USD, and after $500 USD.

Payment is accepted in Bitcoin only. You can purchase Bitcoin very easily in your area by bank transfer,
Western Union, or even cash.

Visit www.localbitcoins.com to find a seller in your area. You can also goolge Bitcoin Exchanges to find
other methods for buying Bitcoin

Please check the current price of Bitcoin and ensure you are sending the correct amount before making your payment! Visit
www.bitcoinaverage.com for the current Bitcoin Price.

After making your payment, please wait up to 24 hours for us to make your key available. Usually done in much less time however.

IMPORTANT: Once the key is available and you click \”Decrypt Files\”, please wait and let the decryption process complete before closing
this tool. This Process can take from 15 minutes to 2+ hours depending on how many files need to be decrypted. You will get a
notification thatthe decryption process is complete, at which time you can click \”Exit\”. Removing this tool from your computer without first
decrypting your files will cause your files to be lost forever.

Bitcoin Address: 1GmGBH9ra2dqA8CgRg8a8Rngx4qHb2hLDW

*Please note that early bird qualification is determined from the date that this tool was first run as recorded on our servers.

Initially, you are asked to pay the ransom price of 100 US dollars. However, if five days pass without payment, the price then becomes 250 dollars. The amount will increase as time progresses after that and the next sum demanded by the crooks is 500. A malware researcher has found the unlock code which can be used to unlock your screen, so you should not pay the ransom sum at all.

You can see the unlock code from the screenshot given below:

If you successfully input the password, another short message will pop-up. It looks like this:

Even if some time has passed, you should be able to unlock your computer device, no matter if you have found about the unlock code right now. You should NOT under any circumstances pay the cybercriminals as that will only support them financially.

Remove CIA Special Agent 767 Ransomware

If your computer got infected with the CIA Special Agent 767 ransomware virus, you should have some experience in removing malware. You should get rid of this ransomware as fast as possible before it can have the chance to spread further and infect more computers. You should remove the ransomware and follow the step-by-step instructions guide given below.

Manually delete CIA Special Agent 767 from your computer

Note! Substantial notification about the CIA Special Agent 767 threat: Manual removal of CIA Special Agent 767 requires interference with system files and registries. Thus, it can cause damage to your PC. Even if your computer skills are not at a professional level, don’t worry. You can do the removal yourself just in 5 minutes, using a malware removal tool.

1. Boot Your PC In Safe Mode to isolate and remove CIA Special Agent 767 files and objects
2.Find malicious files created by CIA Special Agent 767 on your PC

Automatically remove CIA Special Agent 767 by downloading an advanced anti-malware program

1. Remove CIA Special Agent 767 with SpyHunter Anti-Malware Tool and back up your data
Optional: Using Alternative Anti-Malware Tools

Berta Bilbao

Berta is the Editor-in-Chief of SensorsTechForum. She is a dedicated malware researcher, dreaming for a more secure cyber space.

More Posts - Website

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...
Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.