Last year, Ransom32, a “Ransomware as a service” malware, allowed malicious users to create their own ransomware to extort money from those affected by it. There are several variants of it. The most recent one, called TeslaCrypt (Trojan.Cryptolocker.N), emerged in late November 2015, sweeping through the internet and sending out massive amounts of spam, with the highest peak of detection marked in early December 2015.

TeslaCrypt infects a victim’s computer and uses strong encryption to encrypt a wide range of local files. Because TeslaCrypt’s authors have continually refined this particular malware and its distribution, it is now considered one of the more dangerous e-threats.

  • Required Your attention
  • Would you be so kind as to tell me if the items listed in the invoice are correct?
  • Please accept our congratulations on a successful purchase and best wishes.
  • Would you be nice enough to provide us with a wire transfer confirmation.

If you see emails with such subjects, delete them immediately.

Which file extensions are targeted for encryption?

Listed here in alphabetical order:

.3fr, .7z, .accdb, .ai, .apk, .arch00, .arw, .asset, .avi, .bar, .bay, .bc6, .bc7, .big, .bik, .bkf, .bkp, .blob, .bsa, .cas, .cdr, .cer, .cfr, .cr2, .crt, .crw, .css, .csv, .d3dbsp, .das, .dazip, .db0, .dba, .dbf, .dcr, .der, .desc, .dmp, .dng, .doc, .docm, .docx, .dwg, .dxg, .epk, .eps, .erf, .esm, .ff, .flv, .forge, .fos, .fpk, .fsh, .gdb, .gho, .hkdb, .hkx, .hplg, .hvpl, .ibank, .icxs, .indd, .itdb, .itl, .itm, .iwd, .iwi, .jpe, .jpeg, .jpg, .js, .kdb, .kdc, .kf, .layout, .lbf, .litemod, .lrf, .ltx, .lvl, .m2, .m3u, .m4a, .map, .mcmeta, .mdb, .mdbackup, .mddata, .mdf, .mef, .menu, .mlx, .mov, .mp4, .mpqge, .mrwref, .ncf, .nrw, .ntl, .odb, .odc, .odm, .odp, .ods, .odt, .orf, .p12, .p7b, .p7c, .pak, .pdd, .pdf, .pef, .pem, .pfx, .pkpass, .png, .ppt, .pptm, .pptx, .psd, .psk, .pst, .ptx, .py, .qdf, .qic, .r3d, .raf, .rar, .raw, .rb, .re4, .rgss3a, .rim, .rofl, .rtf, .rw2, .rwl, .sav, .sb, .sid, .sidd, .sidn, .sie, .sis, .slm, .snx, .sql, .sr2, .srf, .srw, .sum, .svg, .syncdb, .t12, .t13, .tax, .tor, .txt, .upk, .vcf, .vdf, .vfs0, .vpk, .vpp_pc, .vtf, .w3x, .wb2, .wma, .wmo, .wmv, .wotreplay, .wpd, .wps, .x3f, .xf, .xlk, .xls, .xlsb, .xlsm, .xlsx, .xxx, .zip, .ztmp,

If a malware infection of this type occurs, it will be necessary to have the entire environment restored from the last clean snapshot prior to infection, and there may be data loss. In addition, while the data is being restored, users may be unable to access their environment during that time.
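Because recovery means rolling back to the last clean snapshot, the files most exposed to loss are those with targeted extensions that changed after that snapshot. The following sketch is an added example, not part of the original article: it walks a directory tree and totals those files per extension. The function names, the sample files and the one-hour snapshot age are assumptions made for illustration.

```python
import os
import tempfile
import time
from collections import defaultdict

# Extensions copied from the list in this article (dots are added below).
TARGETED = {"." + e for e in """
3fr 7z accdb ai apk arch00 arw asset avi bar bay bc6 bc7 big bik bkf bkp blob bsa cas cdr cer cfr cr2 crt crw css csv d3dbsp das dazip db0 dba dbf dcr der desc
dmp dng doc docm docx dwg dxg epk eps erf esm ff flv forge fos fpk fsh gdb gho hkdb hkx hplg hvpl ibank icxs indd itdb itl itm iwd iwi jpe jpeg jpg js
kdb kdc kf layout lbf litemod lrf ltx lvl m2 m3u m4a map mcmeta mdb mdbackup mddata mdf mef menu mlx mov mp4 mpqge mrwref ncf nrw ntl odb odc odm odp ods odt orf
p12 p7b p7c pak pdd pdf pef pem pfx pkpass png ppt pptm pptx psd psk pst ptx py qdf qic r3d raf rar raw rb re4 rgss3a rim rofl rtf rw2 rwl sav sb sid sidd sidn sie sis
slm snx sql sr2 srf srw sum svg syncdb t12 t13 tax tor txt upk vcf vdf vfs0 vpk vpp_pc vtf w3x wb2 wma wmo wmv wotreplay wpd wps x3f xf xlk xls xlsb xlsm xlsx xxx zip ztmp
""".split()}


def at_risk_since(root, snapshot_ts):
    """Return {ext: [file_count, total_bytes]} for targeted files newer than snapshot_ts."""
    summary = defaultdict(lambda: [0, 0])
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            ext = os.path.splitext(name)[1].lower()  # match case-insensitively
            if ext not in TARGETED:
                continue
            try:
                st = os.stat(os.path.join(dirpath, name))
            except OSError:
                continue  # unreadable or vanished file: skip it, keep scanning
            if st.st_mtime > snapshot_ts:  # changed after the last clean snapshot
                summary[ext][0] += 1
                summary[ext][1] += st.st_size
    return dict(summary)


def demo():
    """Constructed sample tree; the snapshot time is an assumed value."""
    now = time.time()
    samples = [("old.docx", 10, 7200), ("New.XLSX", 20, 60),
               ("photo.jpg", 30, 60), ("notes.log", 40, 60)]  # name, size, age (s)
    with tempfile.TemporaryDirectory() as root:
        for name, size, age in samples:
            path = os.path.join(root, name)
            with open(path, "wb") as fh:
                fh.write(b"x" * size)
            os.utime(path, (now - age, now - age))  # backdate the file
        return at_risk_since(root, now - 3600)  # last clean snapshot: 1 hour ago


if __name__ == "__main__":
    print(demo())
```

A large total for an extension means the snapshot interval is too long for that kind of data.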

At this time, no vendor can guarantee 100% effectiveness against all malware. For more information, visit these resources
