Dot Ransomware is a recently discovered file-encrypting threat that malware researchers spotted in February 2017. It is a RaaS-based threat, which means Ransomware-as-a-Service. This kind of service has gained popularity in recent years and gives cyber criminals a platform for creating their own customized encryption virus. According to a security report, the customers who distribute this ransomware also get a share of the money extorted from victims. This encryption threat is considered one of the most dangerous threats in the RaaS segment. Research on this ransomware is still in progress, but according to the samples recorded, it behaves like a dangerous ransomware. Like all ransomware, it is designed to invade a system, encrypt files and demand that the user pay a ransom.
Detailed information about Dot Ransomware
As mentioned above, Dot Ransomware is developed to give criminals a platform for creating file-encrypting threats. A person who wants to become a cyber criminal visits dot2cgpiwzpmwtuh[.]onion to register; this is the official page of the RaaS, hosted on the TOR network. The builder kit of Dot Ransomware is identical to that of Atom Ransomware, but there is still no evidence that the two threats are related. According to the samples taken, the Ransomware Builder contains the following options:
- Set Encryption Mode
- Set Bitcoin Address
- Set Attacked Extension
- Set Special Decryption Price For Country
- Set Default Decryption Price
- Download Ransomware Core
- Load Ransomware Core
- Build Ransomware
Once your computer is infected by Dot Ransomware, it encrypts all your files and makes them inaccessible. Studies show that this ransomware is capable of encrypting more than 380 file types, including important files such as MS Office documents, databases and PDF files. Following the trend of other ransomware, it also adds a signature extension, “.dot”, to the encrypted files. To encrypt your data, the ransomware applies AES and RSA ciphers. The files targeted by this threat are no longer accessible, and to decrypt them the victim will need a proper decryption tool. Here is the list of the file types targeted by Dot Ransomware:
How to minimize the damage of Dot Ransomware
The ransom amount demanded by this threat is not clear, but paying the ransom is not advised in any case, because there is a great possibility that the criminals will ignore your request even after you pay the money. Hence, it is recommended to keep a backup copy of all your important files. If you have a backup, you can easily get your files back without paying the ransom. Ransomware usually arrives via spam email campaigns, so pay attention when you get an email from an unknown person, because it may activate ransomware on the system. Different antivirus vendors flag the file of this ransomware under the following name:
- Trojan ( 0050697c1 )
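To gauge how many files were hit, the “.dot” signature extension described above can be used for triage; the Python script below is an added example, not part of the original article or of any vendor tool. It assumes the extension is appended after the original one (for example report.xlsx.dot) and treats 7.5 bits per byte as an assumed entropy cut-off, while recognising genuine legacy Word templates, which also use .dot, by their OLE2 header.

```python
import math
import os
import tempfile
from collections import Counter

OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # header of a genuine legacy Word .dot template
ENTROPY_THRESHOLD = 7.5  # bits per byte; assumed cut-off, tiny files cannot reach it

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def classify_dot_file(path: str, sample_size: int = 65536) -> str:
    """Return 'word-template', 'suspect-encrypted' or 'unknown' for one .dot file."""
    with open(path, "rb") as fh:
        head = fh.read(sample_size)
    if head.startswith(OLE2_MAGIC):
        return "word-template"
    stem = os.path.basename(path)[:-len(".dot")]
    appended = "." in stem.strip(".")  # report.xlsx.dot: ".dot" follows another extension
    if appended and shannon_entropy(head) >= ENTROPY_THRESHOLD:
        return "suspect-encrypted"
    return "unknown"

def scan(root: str) -> dict:  # walk root and classify every file named *.dot
    results = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            if name.lower().endswith(".dot"):
                full = os.path.join(folder, name)
                try:
                    results[full] = classify_dot_file(full)
                except OSError:  # locked or permission-denied files are reported, not skipped
                    results[full] = "unreadable"
    return results

def build_sample_tree() -> str:  # constructed sample data, not real ransomware output
    root = tempfile.mkdtemp(prefix="dot_triage_")
    with open(os.path.join(root, "letterhead.dot"), "wb") as fh:
        fh.write(OLE2_MAGIC + b"\x00" * 4096)   # stand-in for a real Word template
    with open(os.path.join(root, "report.xlsx.dot"), "wb") as fh:
        fh.write(os.urandom(65536))             # random bytes stand in for ciphertext
    return root

if __name__ == "__main__":
    print(scan(build_sample_tree()))
```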
Removal instructions for Dot Ransomware
It is necessary to remove Dot Ransomware because it not only encrypts your files but also opens a backdoor in the system. As a result, other threats as well as cyber criminals can attempt to invade your system. There are two possible ways to remove the ransomware: manual and automatic (recommended). To remove it manually, follow the steps below:
Step 1: Restart PC in Safe Mode with Networking
Click on the Start button > click the Shutdown button.
Then click on the Restart button and click OK.
Continue pressing the F8 key once your PC becomes active.
It opens the Advanced Boot Options window.
Select Safe Mode with Networking.
Step 2: Stop malicious process from Task Manager
Press Windows + R button together.
It will open the Run box on your screen.
Type “taskmgr” and click on the OK button.
Select the malicious process in the process tab.
Click on the End process tab.
Step 3: Enable hidden files and folders
Click on the Start menu and select Folder option.
After that, go to the advanced settings.
Here, enable “show hidden files and folders”.
Mark the box if it is unmarked.
Click on Apply and then OK.
If you are unable to remove Dot Ransomware with the manual steps, don’t panic. You can remove the threat completely with the help of Free-scanner in just a few simple steps.