Project57 Ransomware : Identified As Russian Cryptovirus
These days, a new Russian crypto-virus named Project57 Ransomware has been found on Internet. Some of the security analysts are identified it as an open source threat that uses outdated Delphi and PHP file encryption algorithm for encrypting users data like their audio or video clips, images, spreadsheets, PDFs, databases, documents and many more. Upon locking files successfully, it displays a text file on user screen named DECRYPT.txt that serves as a ransom note. Since ransom note is written in Russian language, most of the users think that it mainly targeted Russian users but it is wrong because it is capable to affects user all over the world. Before knowing too much information of Project57 Ransomware and it's deletion solution, see how ransom note looks like :
|Threat Profile of Project57 Ransomware|
|Threat's Name||Project57 Ransomware|
|Affected PCs||Windows OS|
|Encipher Used||Delphi/ SHA-256|
|File Extension||.[[email protected]].костя баранин|
|Mainly Targeted||Russian Users|
|Ransom Note||DECRYPT.txt, DECRYPT.html|
|Occurrences||Spam campaigns, bundling method, torrent downloads, file sharing network, hacked domain, infected device, exploit kits etc.|
|Removal Recommendations||To delete Project57 Ransomware and decrypt files, download Windows Scanner Tool.|
Actions That Performed By Project57 Ransomware On PC
- Gets inside the PC automatically.
- Stops Computer's security measures and firewall setting.
- Initiates file encryption procedure using advanced encryption algorithm.
- Renames the affected files by adding .[[email protected]].костя баранин file extension.
- Prevents affected users from opening their files.
- Drops several fake messages, notifications or alerts on your screen.
- Displays a ransom note entitled as DECRYT.txt in Russian language etc.
Detailed Information of Ransom Note Displayed By Project57 Ransomware
Project57 Ransomware drops a text file or html file that includes an information for indicating that your all files are locked. In order to decrypt files or retrieve them, it encourages user to contact with its developer via [email protected] email-address and transfer 0 Bitcoin to Bitcoin wallet address for getting decryption tool. But before believing on ransom message or paying ransom fee, you must know that Project57 Ransomware is in still development phase and hackers don't provide you to deliver decryption key even paying ransom fee. Therefore, it is highly advised to follow Project57 Ransomware removal guide instead of believing on ransom note.