| Name | DESKRYPTEDN81 |
| Type | Ransomware, Trojan |
| Short Description | May encrypt important files and give decryption keys upon paying ransom which is usually financial compensation. |
| Symptoms | Appearing of different objects in various user folders or the Desktop or on startup. Files encoded with unfamiliar extensions |
| Distribution Method | Spam mails. MiTM attacks, malicious redirects. |
| Detection tool | Download SpyHunter, to See If Your System Has Been Affected By DESKRYPTEDN81 |
| Data Recovery Tool | Windows Data Recovery by Stellar Phoenix Notice! This product scans your drive sectors to recover lost files and it may not recover 100% of the encrypted files, but only few of them, depending on the situation and whether or not you have reformatted your drive. |
A new type of ransomware infection, carrying the name ‘DESKRYPTEDN81’ along with it has been reported to be encrypting victims’ files with the purpose of extorting them for funds. This type of threat corresponds to the ransomware attacks, detected as Ransom:Win32/Troldesh. This kind of ransomware has several variants and is seen to encrypt the files with the .Crypt extension in the affected computer. Once encrypted the files may not be able ever to be decrypted unless a corresponding decryption key is used. This decryption key is the sole purpose of the ransom note that this threat leaves after encrypting. This summary includes instructions on how to restore your files by paying the cyber criminals. Security experts recommend not to trust cyber criminals because it is no guarantee whether the files will be decrypted after making a payment.
How Can You Get Infected With DESKRYPTEDN81?
Infections with this ransomware trojan may vary. Most of them are conducted via spam messages or spoofed email addresses. Email attacks feature an attachment in the messages that usually has the initial exploit that begins the infection. Another method of infection is by dropping an executable file on the computer. This can happen if someone else has access to the same computer you are using, but can also happen if you download a file from the cloud. Another mean of infection is the so-called drive-by downloads, caused by redirects. Drive-by downloads are very dangerous since they directly infect the computer with malicious code. And if the user has an adware program or a browser hijacker that causes redirects to such pages, they may get infected.
How Does DESKRYPTEDN81 Work?
Once installed on the computer, this particular ransomware may:
1-Scan the computer for various file formats of relevance and importance to the user.
2-Encrypt the files with strong encryption, almost impossible to decrypt, leaving a .crypt or a similar unknown format after their names. (RSA, for example)
3-The Trojan leaves a ransom note with instructions on how to establish an anonymous connection with the cyber-criminals along with a deadline. After this period expires, the decryption keys may either be lost forever, or the fee might double.
This particular ransomware is reported by affected users to leave a ransom note which has a law-enforcement agency logo, such as the FBI, for example.
How To Remove DESKRYPTEDN81, Protect Yourself and Restore Your Data?
DESKRYPTEDN81 is a Troldesh trojan horse, after all, so don’t panic. This means that the threat can be removed easily with the assistance of an advanced anti-malware program. To eliminate this threat, you should boot your computer into Safe Mode without networking to isolate the active connection of this virus and restrict it to your computer only. Then you should install an updated version of an anti-spyware program that will detect and delete all the objects associated with it. For instructions on getting rid of it, refer to the step-by-step manual below.
Restoring and protecting your files:
To protect your data from ransomware or restore them if you have a backup, check this article(Scroll down to the ‘Protection’ section) plus see the after-posted protection video. It is a good countermeasure against any ransomware, including CryptoWall.
Also, in case you lack any backup from your computer, you can also check this manual in case you want to attempt and decrypt your files manually. Be warned that it may take a lot of time, if possible to decrypt at all.
Spy Hunter scanner will only detect the threat. If you want the threat to be automatically removed, you need to purchase the full version of the anti-malware tool.Find Out More About SpyHunter Anti-Malware Tool / How to Uninstall SpyHunter
