The Poret ransomware is a new strain of the Djvu ransomware family. Discovered by Michael Gillespie, this new ransomware is a high-risk file-encrypting infection. It attacks the following versions of Windows OS:
Name | Poret |
Type | Ransomware |
Category | Malware |
Targeted OS | Windows |
Targeted Browser | Internet Explorer, Google Chrome, Firefox |
The Poret ransomware aims to extort money in a tricky way. It encrypts your important files and documents and makes them inaccessible. A ransom in the form of bitcoins (a cryptocurrency) is demanded in exchange for your data.
Poret ransomware appends the ‘.poret’ extension to the encrypted files. The additional extension makes the files unusable. At the same time, a document named ‘readme.txt’ is created in folders containing encrypted files.
This document contains the ransom-demanding message and notifies the victim about the ransomware attack. The ransomware creates a unique key to restore the encrypted files. Unfortunately, the key is created on the server of the cyber criminals.
Hence, the victims believe that the only way out is to pay the ransom. However, the reality is different! There is no guarantee that your data will be decrypted, even after paying the demanded ransom. So, if you do not want to waste money, you should delete Poret ransomware from your system.
Once the Poret ransomware infects your files, it changes their extensions. The corrupted files are no longer accessible to you. Whenever you try to open the files, a ransom-demanding message is displayed on your screen. In order to access your encrypted files, you have to pay the demanded ransom.
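The ‘.poret’ extension and the ‘readme.txt’ note described above are enough to inventory affected folders before cleanup. The following Python sketch is an added example, not code from the original article; the function names and the demo folder layout are assumptions made for illustration.

```python
import os
import tempfile

ENCRYPTED_EXT = ".poret"   # extension the page says is appended
NOTE_NAME = "readme.txt"   # ransom note name given on the page


def original_name(name):
    """Strip the appended extension: 'report.docx.poret' -> 'report.docx'."""
    return name[: -len(ENCRYPTED_EXT)] if name.lower().endswith(ENCRYPTED_EXT) else name


def triage(root):
    """Map each folder holding '.poret' files to its findings.

    A lone readme.txt is ignored: the name is common in clean software,
    so it only counts when it sits beside encrypted files.
    """
    report = {}
    for folder, _dirs, files in os.walk(root):
        hits = sorted(f for f in files if f.lower().endswith(ENCRYPTED_EXT))
        if hits:
            report[os.path.relpath(folder, root)] = {
                "encrypted": hits,
                "originals": [original_name(f) for f in hits],
                "note_present": any(f.lower() == NOTE_NAME for f in files),
            }
    return report


def build_demo_tree(root):
    """Constructed sample layout (empty files), not taken from a real infection."""
    layout = {
        "docs": ["budget.xlsx.poret", "notes.txt.poret", "readme.txt"],
        "photos": ["cat.jpg.poret"],           # encrypted, note missing
        "tools": ["readme.txt", "setup.exe"],  # benign readme only
    }
    for sub, names in layout.items():
        os.makedirs(os.path.join(root, sub), exist_ok=True)
        for n in names:
            open(os.path.join(root, sub, n), "w").close()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_demo_tree(tmp)
        for folder, info in sorted(triage(tmp).items()):
            print(folder, len(info["encrypted"]), "encrypted; note:", info["note_present"])
```

The script only reads directory listings, so it can be run against a mounted copy of the affected disk without modifying any file.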
The list of files that Poret ransomware targets includes –
After encrypting your files, the Poret ransomware virus leaves a ransom note text file. Usually named ‘readme.txt’, this file displays a message demanding ransom every time you try to open an encrypted file. It tells users how to get the decryption key in exchange for the ransom.
Ransom-Demanding Message:
There are numerous methods available for hackers to collect the ransom. A few of them are Litecoin, Zcash, Dash, Bitcoin and Peercoin. Among all the cryptocurrencies available, Bitcoin is the most used method for ransom collection. Bitcoins are a form of electronic cash and are easier to use than any other form.
A sum of 0.13 bitcoin ($980) is demanded for the decryption key. However, the victim can reduce the sum to half, i.e. 0.063 bitcoin ($490), if the ransom is paid within 72 hours after the attack.
This latest ransomware is usually distributed via spam e-mails with malicious attachments. Cyber-criminals send the e-mails with catchy subject lines. Such header information is given to trick the user into believing that the e-mail is from a shipping company. These e-mails notify the recipient about an undelivered package or a shipment that has been made. One cannot resist being curious about such e-mails. As soon as you open the attachment in the e-mail, the Poret ransomware will infiltrate your system.
Apart from e-mails, it also exploits vulnerabilities in the operating system. It has been observed that Poret attacks victims by hacking Remote Desktop Services (RDP) ports.
However, if you want to recover your encrypted data, you should try the following steps. Here are all the possible ways you can try to stop Poret ransomware:
5. Click on the username and enter the password (if any).
If this step didn’t work, and the suspicious file remains in your system, you can try the next step.
If you are unable to remove the ransomware in the configuration settings, you can try removing the malicious file using the command prompt.
Once the system starts, make sure to use an account with administrative privileges to access Safe Mode with Command Prompt.
After the user enters admin credentials, the Command Prompt window is displayed, where you can enter the commands below:
If the command prompt also fails, the final step is restoring your system files and folders.
OR
OR
Continue to follow steps 4 & 5 of Method 2 to restore the System Files and settings.