Cossy Ransomware

Posted by Lisa Blanc on February 15, 2019

What is Cossy Ransomware?

If you open the wrong spam email attachment, leave your system vulnerable, or interact with malicious downloaders, Cossy Ransomware is one of the many threats that could invade your Windows operating system. The threat is extremely aggressive, but it is stealthy in its attack, and you are not supposed to recognize it or even notice it. After execution, the threat is meant to encrypt files, and Anti-Spyware-101.com researchers warn that this particular infection is capable of encrypting everything in its way. Of course, the ransomware evades files that help the system operate because if the system crashes, the attack will not be successful. The main goal is to make victims pay money, and a ransom note must be introduced to the victim for that. The ransom note is delivered via a TXT file, which is one of the several files that require removal. If you continue reading, you will learn what it takes to delete Cossy Ransomware from your operating system. We have to warn you right away that the process might be complicated.test

How does Cossy Ransomware work?

It appears that Cossy Ransomware is targeted at Russian-speaking Windows users. After execution, this malware encrypts files right away – which it does using the RSA-2048 encryption algorithm – and then it creates files named “Как все эту шалашкину контору расшифровать.txt” and “Крайне важная инфа.RSA-2048 файл.” The latter is the file that has the RSA key, and the first one is created for the victim. This is the ransom note that we discussed previously. The attackers behind Cossy Ransomware are using this file to state that files were encrypted and that a special decoder is required for the recovery. To obtain this tool, victims are instructed to pay 50 rubles (in crypto-currency, Bitcoin) and then email the same attackers at grafimatriux72224733@protonmail.com. The ransom note also alludes to negotiations being possible, and it also claims that 5 files can be decrypted for free if only the victim sends them to the attackers. We suggest that you remove the ransom note file right away because you have no use for it. Of course, you have to decide if you want to contact cyber criminals and pay money, but we certainly do not advise it.

Have you set a system restore point? If you have, you might think that you can restore your system to a point when Cossy Ransomware did not exist. Unfortunately, this malware deletes all shadow volume copies. That means that the files that have the “.Защищено RSA-2048” extension appended to them are corrupted permanently. You might think that cyber attackers can help you get your files back, but we would not trust them in any case. Although you might not be able to recover files, maybe you have replacement copies? More and more people nowadays use cloud storage or external drives to store their files not only for convenience but for protection too. If you have your files backed up, you have done the right thing. Now, you can remove Cossy Ransomware and replace the corrupted files with their backups. If you did not take care of your files, you now have to pay the price.

How to delete Cossy Ransomware

We hope your files are backed up, and we hope that you can remove Cossy Ransomware without any consequences. The removal of this threat is not the easiest of tasks, and only more experienced users are likely to handle it successfully. That is, if you decide to delete Cossy Ransomware manually. You have one more option, and that is to install anti-malware software. Why should you do that? Well, there aren’t many reasons why you shouldn’t. This software will automatically scan your operating system, it will erase the threats that are found, and it will also guarantee that your system is protected in the future. While we strongly recommend using the protection of anti-malware tools, you also want to take matters into your own hands. Back up your files and observe your behavior online to ensure that you do not give cyber attackers the chance to drop malware onto your computer again.

Removal Guide

  1. Find and Delete the launcher of the ransomware (location is unknown).
  2. Delete the files named Как все эту шалашкину контору расшифровать.txt and Крайне важная инфа.RSA-2048 файл from every affected folder.
  3. Empty Recycle Bin and then run a system scan to check if your system is clean. 100% FREE spyware scan and
    tested removal of Cossy Ransomware*

Stop these Cossy Ransomware Processes:

Cossy.exe
Disclaimer
Disclaimer
Trojans

Leave a Comment

Enter the numbers in the box to the right *