June 2017 Is the month of the ransomware viruses coming from the open-source Hidden Tear project. Such virus is the CryptoSpider ransomware threat which aims to encode the files on your computer, using AES cipher and then demand you to pay money in order to have your files working again. The virus also adds a lockscreen claiming you have been hacked by ./MR.GHOST-C47. If your computer has been infected by this virus, we suggest that you read the following material and learn how to remove it and decrypt your files.
|Short Description||Based on the open-source HiddenTear code. Encrypts files and then asks for a ransom.|
|Symptoms||Files are encrypted with the .Cspider file extension added to them.|
|Distribution Method||Spam Emails, Email Attachments, Executable files|
|Detection Tool|| See If Your System Has Been Affected by .Cspider Virus |
Malware Removal Tool
|User Experience||Join Our Forum to Discuss .Cspider Virus.|
.Cspider Ransomware – More Information
The .Cspider virus is from the file encryption type. Being based on the HiddenTear project, it aims to infect users who do not suspect what Is happening. This happens usually via different methods:
- Being spread via e-mail spam messages.
- Via malicious files uploaded as fake game patches or cracks.
- Through multiple different key generators game patches, cracks or other activation software.
After an infection takes place, the .Cspider virus drops it’s malicious file, named CryptoSpider.exe on the victim’s computer.
Then, the virus may modify the registry entries of the infected computer and hence run automatically on system start. In addition to this, the .Cspider ransomware may also delete the shadow volume copies on the infected computer. After doing so, CryptoSpider also aims to encrypt specific files on the compromised computers, like:
- Image files.
- Audio types of files.
- Other often used files.
After the encryption has completed, the files can no longer be opened and have the following file extension:
Fortunately, you do not have to pay anyone to restore the encrypted files, because all HiddenTear versions are now decryptable. But first it is important to remove this ransomware. For the removal and decryption, please follow the instructions below.