New ransomware from GlobeImposter series is circling around the web. Successor of.Tiger4444, .Rat4444 and several other strains that are reported to use extensions with the same digital pattern, the .Pig4444 files virus aims to plague commonly used computer systems and corrupt personal files stored on the drives. In fact, the main goal of this nasty threat is to blackmail victims into paying a ransom fee to the cyber criminals who launch the attacks.
In the unfortunate event that you are a victim of .Pig4444 crypto virus it is recommendable to avoid any negotiations with cyber criminals and consider the help of secure weapons of choice.
|Name||.Pig4444 Files Virus|
|Short Description||Severe malware that is designed to encrypt valualbe files stored on compromised computers so that it can then extort ransom fee from victims.|
|Symptoms||Files are encrypted and renamed with the extension .Pig4444|
Ransom message extorts a payment for files recovery.
|Distribution Method||Spam Emails, Email Attachments|
|Detection Tool|| See If Your System Has Been Affected by .Pig4444 Files Virus |
Malware Removal Tool
|User Experience||Join Our Forum to Discuss .Pig4444 Files Virus.|
|Data Recovery Tool||Windows Data Recovery by Stellar Phoenix Notice! This product scans your drive sectors to recover lost files and it may not recover 100% of the encrypted files, but only few of them, depending on the situation and whether or not you have reformatted your drive.|
.Pig4444 Files Virus (GlobeImposter Ransomware) – How Did I Get It and What Does It Do?
GlobeImposter ransomware has new variant and it is called .Pig4444 files virus. The threat is named after an associated extension which it uses for marking corrupted files. For files corruption, .Pig4444 ransomware activates a special cipher module. This module is designed to scan all drives for commonly used types of files so that it can then transform their code. Since the transformation is realized by the usage of a sophisticated algorithm, all corrupted files remain unusable until their code is reverted back to its original state.
The ransomware could encrypt files, which are from the following file types:
- Audio files
- Video files
- Document files
- Image files
- Backup files
- Banking credentials, etc
Unfortunately, .Pig4444 files virus is a threat that corrupts not only valuable files but many essential system settings as well. Before, this ransomware could reach the data encryption stage, it passes through several attack stages. During these stages, .Pig4444 executes a bunch of malicious files which it establishes on the system.
First the ransomware aims to evade detection. In the event it succeeds, it becomes able to access certain system components and modify their settings. One of these components is likely to be the Registry Editor. Since it is a hierarchical database that stores specific commands that control the regular functioning of system resources and installed applications, ransomware like .Pig4444 are often set to add malicious values in it in order to misuse its functionalities. By doing this, .Pig4444 files virus could start loading every time you turn on the infected PC.
For its final infection stage, .Pig4444 ransomware drops a file called HOW TO BACK YOUR FILES.txt and loads it on the screen. The file contains a specially crafted ransom message that attempts to extort a ransom fee for files’ decryptor. Here is a copy of its content:
YOUR FILES ARE ENCRYPTED !!!
TO DECRYPT, FOLLOW THE INSTRUCTIONS:
To recover data you need decrypt tool.
To get the decrypt tool you should:
1.In the letter include your personal ID! Send me this ID in your first email to me!
2.We can give you free test for decrypt few files (NOT VALUE) ans assign the price for decryption all files!
3.After we send you instruction how to pay for decrypt tool and after payment you will receive a decryption tool!
4.We can decrypt few files in quality the evidence that we have the decoder.
DO NOT TRY TO DO SOMETHING WITH YOUR FILES BY YOURSELF YOU WILL BRAKE YOUR DATA !!! ONLY WE ARE CAN HELP YOU! CONTACT US:
ATTENTION !!! THIS IS YOUR PERSONAL ID WICH YOU HAVE TO SEND IN FIRST LETTER:
Be advised to refrain from paying hackers the ransom as this action does not guarantee the recovery of your encrypted files. Since the code of their threat may be full of bugs, their decrypter may not be able to recover .Pig4444 files.
Currently, .Pig4444 files virus is released in active attack campaigns against online users worldwide. Popular techniques such as malspam, freeware installers, and corrupted hosts may be used for its spread. Malspam is the technique that is believed to be preferred by hackers. It is realized via massive spam email campaigns. The email messages that are part of such campaigns usually attempt to trick you into downloading the malicious software by presenting it as an important document in a file attachment, a clickable link/button or another interactive element.
Remove .Pig4444 Files Virus and Restore Data
The so-called .Pig4444 files virus is a threat with highly complex code that heavily damages both essential system settings and valuable data. So the only way to use your infected system securely again is to remove all malicious files and objects created by the ransomware. For the purpose, you could follow our step-by-step removal guide.
In the event that you want to attempt to restore .Pig4444 files with the help of alternative data recovery methods, do check step four – Try to Restore files encrypted by .Pig4444 Files Virus. We remind you to back up all encrypted files to an external drive before the recovery process.