InfoDot Ransomware

What is InfoDot Ransomware?

InfoDot Ransomware appears to be a recently developed ransomware application that can encipher files with both the AES-256 and the RSA-2048 encryption algorithms. So far, our researchers have come across two samples that could be attributed to this malware. There are two possibilities: the threat’s developers might be preparing to release a final version, or they mean to spread a couple of different variations of the malware. More information about the malicious application is provided further in this article. Thus, if you wish to know how to avoid such malware or what to do after encountering it, we invite you to read the full article. Also, just below the text, you will find deletion instructions that show how to erase a threat like InfoDot Ransomware manually.

Where does InfoDot Ransomware come from?

The malicious application could sneak in by exploiting computer weaknesses, such as unsecured Remote Desktop Protocol (RDP) connections. If you are using such services, you should make sure that your connection is secured with a strong password. Also, we advise taking extra safety measures, such as setting up Two-Factor Authentication.

Another way to distribute InfoDot Ransomware might be sending spam emails to targeted victims. Such messages would contain a malicious file or a link, and interacting with that material could result in infecting one’s system with ransomware. Consequently, our researchers at Anti-spyware-101.com advise against interacting with any data received via spam emails or messages coming from questionable sources. Another source of the threat could be malicious file-sharing websites. In this case, victims could infect their systems unknowingly while trying to launch programs obtained from sites that offer torrents, pirated installers, etc. To avoid making such a mistake, we advise downloading software only from reputable sources.

How does InfoDot Ransomware work?

It does not look like InfoDot Ransomware needs to create any data to settle in. In other words, it might be enough to launch its installer (some unreliable file obtained from the Internet) for the malware to start running in the background. Its main task is to encipher data available on an infected device. Usually, such malicious applications are programmed to target private files, for example, photos, videos, various documents, and similar data. After the files get encrypted, the threat ought to place the .info@mymail9[dot]com extension at the end of each enciphered file’s name, for example, picture.jpg.info@mymail9[dot]com.

Next, the malware should create a file that would display a ransom note when launched. However, our researchers say that one of the tested samples did not create such data or show any ransom notes, while another sample dropped a note with a demand for 4 BTC. At the moment of writing, a single BTC is worth more than 9 thousand US dollars, so you can imagine how huge the ransom could be. Typically, hackers never ask for such amounts from regular home users, so there are two options: either they wrote an arbitrary number, or that particular sample was aimed at organizations.

How to remove InfoDot Ransomware?

After encountering such a threat, we recommend deciding whether you are prepared to risk your money for nothing, and removing the infection before it causes you more problems. The truth is that you may not need to erase InfoDot Ransomware, as the sample we tested removed itself from our test computer as soon as it was done encrypting the data available on it. However, it does not mean that all of the malware’s versions will behave in this manner. Therefore, if you receive this malicious application, we recommend checking whether it left your system after it encrypted your files. You could do this by following the instructions provided below this paragraph, or you could perform a full system scan with a reliable antimalware tool that could clean your system for you.

Eliminate InfoDot Ransomware

  1. Click Ctrl+Alt+Delete.
  2. Pick Task Manager and select Processes.
  3. Locate a process belonging to the threat.
  4. Select it and click End Task.
  5. Exit Task Manager.
  6. Click Windows key+E.
  7. Locate these paths:
    %TEMP%
    %USERPROFILE%\Downloads
    %USERPROFILE%\Desktop
  8. Locate the malicious application’s launcher (it could be any recently downloaded file), right-click it, and select Delete.
  9. Exit File Explorer.
  10. Empty your Recycle Bin.
  11. Restart the computer.
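
The manual check in steps 7 and 8 can also be scripted. The PowerShell below is an added example, not part of the original instructions: it lists recently created launchable files in the three folders named above and counts files that already carry the appended extension. The literal suffix `.info@mymail9.com` (the article prints it with "[dot]"), the 7-day window, and the list of launchable file types are assumptions.

```powershell
# Added triage example; run as the affected user. It only reads, it deletes nothing.
param(
    # Assumption: the article writes the suffix as ".info@mymail9[dot]com";
    # on disk the "[dot]" is taken to be a literal dot.
    [string]$Suffix   = '.info@mymail9.com',
    [int]$Days        = 7,                    # assumed look-back window
    [string]$ScanRoot = $env:USERPROFILE      # where to count encrypted files
)

# Folders named in step 7 of the removal instructions.
$launcherDirs = @(
    $env:TEMP,
    (Join-Path $env:USERPROFILE 'Downloads'),
    (Join-Path $env:USERPROFILE 'Desktop')
) | Where-Object { $_ -and (Test-Path -LiteralPath $_) }

# File types that could act as a launcher (assumed list, extend as needed).
$launcherExt = '.exe', '.scr', '.com', '.bat', '.cmd', '.js', '.vbs', '.ps1', '.msi'
$cutoff      = (Get-Date).AddDays(-$Days)
$ignoreCase  = [System.StringComparison]::OrdinalIgnoreCase

# 1. Recently created launchable files. Encrypted files are skipped explicitly,
#    because the appended suffix makes their extension look like ".com".
$candidates = Get-ChildItem -LiteralPath $launcherDirs -File -Recurse -Force -ErrorAction SilentlyContinue |
    Where-Object {
        $_.CreationTime -ge $cutoff -and
        $launcherExt -contains $_.Extension.ToLower() -and
        -not $_.Name.EndsWith($Suffix, $ignoreCase)
    } |
    ForEach-Object {
        [pscustomobject]@{
            Path      = $_.FullName
            Created   = $_.CreationTime
            SHA256    = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256 -ErrorAction SilentlyContinue).Hash
            Signature = (Get-AuthenticodeSignature -LiteralPath $_.FullName).Status
        }
    }

# 2. Files that already carry the suffix, grouped by folder to show the scope.
$encrypted = Get-ChildItem -LiteralPath $ScanRoot -File -Recurse -Force -ErrorAction SilentlyContinue |
    Where-Object { $_.Name.EndsWith($Suffix, $ignoreCase) }

$candidates | Sort-Object Created -Descending | Format-Table -AutoSize -Wrap
$encrypted | Group-Object DirectoryName | Sort-Object Count -Descending |
    Select-Object Count, Name | Format-Table -AutoSize
"{0} file(s) end with '{1}' under {2}" -f @($encrypted).Count, $Suffix, $ScanRoot
```

An unsigned, recently created file in one of these folders is only a candidate for step 8; its SHA256 value can be checked with an antimalware tool before the file is deleted.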