What Is Coot Ransomware?
Ransomware threats have become incredibly popular in the world of cybercrime, as operators can make money quickly and easily with very little risk of repercussions. Most creators of ransomware threats do not build them from scratch, as this would require considerable skill and time. Instead, they take the code of an already existing file-locking Trojan and change it to fit their needs before propagating it, causing headaches for innocent users. This is the case with the ransomware threat named Coot Ransomware. Malware experts spotted the Coot Ransomware and studied it at once. They discovered that it belongs to the infamous STOP Ransomware family.
It is not fully clear what propagation methods the creators of the Coot Ransomware used in this particular campaign. They are believed to use mass spam emails as the infection vector for propagating the Coot Ransomware. This is usually done by attaching an infected file to a fraudulent message that urges the user to open the unsafe attachment. Users who fall for this trick give the Coot Ransomware access to their computer system. Once the Coot Ransomware manages to worm its way into the targeted host, it scans all the data present on the computer system in order to locate the files it was programmed to target for encryption. The Coot Ransomware goes after a long list of file types that are likely to be present on any user's computer system, to guarantee maximum damage. It then starts locking all the targeted data by applying an encryption algorithm. When this data-locking Trojan encrypts a file, it changes the file's name by adding a '.coot' extension to the end of the filename.
When this step of the attack is initiated, the Coot Ransomware drops a ransom note named '_readme.txt'. In the ransom note, the attackers state that users who contact them within 72 hours of the attack taking place will have to pay only $490, while users who fail to do so will have to pay double that amount, which is $980. The attackers provide only two email addresses at which they expect to be contacted for further details: '[email protected]' and '[email protected]'. The attackers offer to decrypt one file sent by the victim free of charge in order to prove that their decryption key works.
Do not attempt to get in touch or stay in contact with the cyber criminals, as nothing good can come of it. A much safer solution is to download and install a reputable anti-virus application and use it to remove the Coot Ransomware from your computer system safely.
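
To scope how much of a system was affected, the two artifacts described above (the '.coot' extension and the '_readme.txt' note) can be searched for directly. The following Python script is an example added here, not code from any anti-virus product; its function names and the case-insensitive matching are assumptions of this example.

```python
import os
import sys
from collections import defaultdict

ENCRYPTED_EXT = ".coot"      # extension the article says is appended to filenames
RANSOM_NOTE = "_readme.txt"  # ransom note name given in the article


def triage(root):
    """Walk `root` and return {directory: {"encrypted": [...], "note": bool}}
    for every directory showing at least one of the two indicators."""
    hits = defaultdict(lambda: {"encrypted": [], "note": False})
    # Unreadable directories are skipped rather than aborting the scan.
    for dirpath, _dirs, files in os.walk(root, onerror=lambda e: None):
        for name in files:
            lower = name.lower()
            if lower == RANSOM_NOTE:
                # Weak on its own: only meaningful next to renamed files.
                hits[dirpath]["note"] = True
            elif lower.endswith(ENCRYPTED_EXT) and len(name) > len(ENCRYPTED_EXT):
                hits[dirpath]["encrypted"].append(name)
    return dict(hits)


def original_name(encrypted_name):
    """Name the file had before the extension was appended, for matching
    against backups. The file content itself stays encrypted."""
    return encrypted_name[: -len(ENCRYPTED_EXT)]


def summarize(hits):
    """Return (dirs with renamed files, total renamed files, dirs with a note)."""
    dirs = sum(1 for h in hits.values() if h["encrypted"])
    total = sum(len(h["encrypted"]) for h in hits.values())
    notes = sum(1 for h in hits.values() if h["note"])
    return dirs, total, notes


if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    found = triage(root)
    for d in sorted(found):
        h = found[d]
        print(f"{d}: {len(h['encrypted'])} renamed file(s), note={'yes' if h['note'] else 'no'}")
        for n in sorted(h["encrypted"]):
            print(f"    {n}  (was: {original_name(n)})")
    print("dirs=%d files=%d notes=%d" % summarize(found))
```

The script only reads directory listings and changes nothing on disk; the list of original names it prints can be compared against backups to decide what needs restoring.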