The Amnesia Ransomware is used to take the victims’ files hostage. Ransomware Trojans like the Amnesia Ransomware are designed to encrypt the victim’s files using a strong encryption algorithm. It encrypts victim’s files and refrains from accessing their sensitive and other personal files. It alters the names of all encrypted files with .amnesia extension. Then attacker demands a ransom in exchange for file decryption.
The files encrypted in the Amnesia Ransomware attack will no longer be readable and may show up as blank icons in the Windows Explorer. The Amnesia Ransomware targets a wide variety of files, generally looking for user generated files that may include spreadsheets, text documents, images, videos, music files, databases, etc. The Amnesia Ransomware delivers its ransom note in the form of a text file named ‘HOW TO RECOVER ENCRYPTED FILES.TXT.’ This file alerts the victim of the attack and demands the payment of a ransom to recover the infected files. The full text of the Amnesia Ransomware ransom note:
‘YOUR FILES ARE ENCRYPTED!
Your personal ID:
Attention! What happened?
Your documents, databases and other important data has been encrypted.
If you want to restore files send an email to: firstname.lastname@example.org
In a letter to indicate your personal identifier (see in the beginning of this document).
* Do not attempt to remove the program or run the anti-virus tools.
* Attempts to self-decrypting files will result in the loss of your data.
* Decoders are not compatible with other users of your data, because each user’s unique encryption key.’
The best protection against the Amnesia Ransomware and similar ransomware threats is to have backups of all files on an independent memory device or the cloud, as well as a reliable security program like Max Total Security that is fully up-to-date and capable of intercepting the Amnesia Ransomware and similar threat attacks before they can start infection.