You are welcome to discuss various security topics with our professional team and other users like you!
Read our Registration Agreement and create your FREE account here!

*

never

  • *****
  • 122
  • +26/-0
  • Network Administrator and Malware Researcher
      • View Profile
A new ransomware variant from the "email as an extension" type has been reported to infect users massively. It encrypts the user's files and leaves a ransom note asking for money in return for the decryption of the files. The ransomware is known as the Doctor ransomware since it puts the Doctor@freelinuxmail.org file extension on the files it encodes. Here is how an email used by this ransomware looks:

id-3988370182_doctor@freelinuxmail.org

We strongly advise users not to comply to the cyber-criminals demands. More information about the crypto-malware and regarding how to restore your files, you may find in the following article:

Remove Doctor@freelinuxmail.org Ransomware and Restore Encrypted Files

Furhtermore, we suggest all users who have been affected by the ransomware to send files to our email. Since we constantly recieve files, we will try to respond and assist users the fastest way we can. Use the following address:

idunn0@abv.bg

We advise you not to attach the malware's payload files together with the encrypted files. Try to send separate emails because the mail has malware defense that blocks them.

N.B. This is an open forum topic about the Doctor@freelinuxmail.org ransomware infection. You may ask questions, help people with their data and simply share your experience. We at sensorstechforum will attempt to assist users the best way we can.


« Last Edit: January 29, 2016, 05:33:06 pm by never »