Remove CryptoGod Virus Infections – Restore .locked Files

CryptoGod virus image ransomware note .locked extension

The CryptoGod virus is a new strain of the Hidden Tear ransomware family. The currently released samples of it are probably test versions that may be updated in further iterations. Refer to our in-depth article for a technical analysis and full removal instructions.

Threat Summary

TypeRansomware, Cryptovirus
Short DescriptionThe ransomware encrypts sensitive information on your computer system with the .locked extensions and demands a ransom to be paid to allegedly recover them.
SymptomsThe ransomware will encrypt your files with a strong encryption algorithm.
Distribution MethodSpam Emails, Email Attachments
Detection Tool See If Your System Has Been Affected by CryptoGod

Malware Removal Tool

User ExperienceJoin Our Forum to Discuss CryptoGod.Data Recovery ToolWindows Data Recovery by Stellar Phoenix Notice! This product scans your drive sectors to recover lost files and it may not recover 100% of the encrypted files, but only few of them, depending on the situation and whether or not you have reformatted your drive.

CryptoGod virus – Distribution Ways

The CryptoGod virus is being distributed using the most common delivery tactics. The ongoing attacks are relatively limited in size and scope. It is possible that the hacker behind it may use various techniques to spread the infection.

One of the primary ones is the use of email SPAM messages containing social engineering tactics. The CryptoGod virus is delivered using messages that pose as being sent by well-known companies or Internet services. The files can be either attached directly or hyperlinked in the body contents.

The criminals behind the virus can create fake download sites that mimic legitimate Internet portals by hijacking their design templates and web elements. Along with file sharing networks (for example BitTorrent) they areu used to deploy infected payloads to the target machines. There are two (Read more...)

*** This is a Security Bloggers Network syndicated blog from How to, Technology and PC Security Forum authored by Martin Beltov. Read the original post at: