Banta ransomware – Another high-risk variant of Phobos ransomware family! It was 21st October, 2017, when this infamous ransomware make its presence felt for the first time. The file-encrypting virus targets the personal documents stored in the compromised system. In order to ensure successful encryption, ransomware uses strong encryption algorithm.
Similar to its parent ransomware, Banta virus uses RSA and AES cryptographies to encrypt files. The encrypted files are renamed & appended with unique extension – ‘.banta’ and hence making them inaccessible.
The malicious virus is recognized by the Banta extension, which is appended to the filenames. After successful encryption, the malicious crypto virus aims to extort large amount of money from the users. Let us understand the menace caused by .Banta file virus.
|Symptoms||Encrypt your files and keep them hostage until you pay ransom amount. Once the files are encrypted, it becomes unreadable.|
|Damage||If the victim fails to make payment within specified time, the encrypted files can be lost permanently.|
|Removal||Download Removal Tool|
The seed of the malicious Banta ransomware is carefully planted on the websites to form a honey trap for the lurking users. The moment a connection is established with such sites, the dangerous macros silently come into existence. Hence, one way to propagate this virus is via questionable websites.
However, the most common method is spam email attachments. They contain malicious codes in the form of word file, document files, zip files, text files and so on. Once, you download or open such files, the malicious .Banta file virus initiate its mal activities in your system.
Apart from it, Trojans are another method used to increase the dangerous payload on the targeted system. Trojans are basically designed to create ‘Chain-infections’. Once, in your system, it will further install other dangerous applications.
Once it makes itself comfortable, the nasty Banta ransomware shows its quality of true master disguise! Its own set of rules gradually ensures it presence on connecting networks as well. The ransomware is finely tuned to invade the cyber security protocol and reach out to the selective destination in your system.
After allocating the files, it locks the files by embedding Banta extension with the filenames. The virus can become the major reason behind your data or identity theft!
To set fear in the mind of computer users, Banta ransomware show its unethical behaviour by encrypting stored files in your system. To ensure successful encryption, strong cryptographic algorithm is used! However, encryption is just the beginning of the destruction! In addition to corrupting the files, the malicious virus drops two files – ‘info.hta’ and ‘info.txt’.
The text file basically informs about the data encryption. Furthermore, the info.hta file displays other important information such as the amount of demanded ransom. If you want to recover .banta files, you have to purchase the Banta decryption tool. It is stored at the hacker’s server and hence, getting the key is not an easy task. The cost of decryption key is $500 – $1500 and payment is expected in bitcoins.
Additionally, the developer of this malicious virus allows you to send 5 encrypted files, which they decrypt for free. It is just a sample to make the victims believe about the capability of Banta Ransomware data recovery. Nevertheless, even if you are capable to pay the asked ransom, you should not opt to pay them.
Many of the users fall in the trap set by this expert marksman and end up paying to the demands. Unfortunately, there is no guarantee to the cure offered and the information may never be restored in many cases.
5 Once the system restarts, click on the username and enter the password (if any) to log in.
Once the system starts, ensure to use an account with administrative privilege to access Safe Mode with Command Prompt.
After the user enters admin credentials, Command prompt window is displayed wherein you are entitled to enter the below commands:
For Windows 7
Continue to follow steps 4 & 5 of Method 2 to restore the System Files and settings.
Subscribe to our newsletter today to receive updates on the Latest News and Threats.
The researchers at Virus Removal Guidelines are dedicated to track down the latest vulnerabilities which may infringe your system security. Our team of expert performs a detailed research about every malware infection before educating our users about the same.
Want to stay informed about the latest threats & malware? Sign up for our newsletter & learn how to get rid of all types of threats from your computer.