BananaCrypt Ransomware is yet another ransomware that makes use of AES encryption to lock files and make them inaccessible. It adds .bananaCrypt file extension to stored files on the system and thereby forcing victims to pay $300 for file decryption.
The Bananacrypt ransomware is spread with some flaws in its code; hence, the encryption process is not carried out successfully. This was observed when analysing the sample obtained by malware researchers. The version analyzed have not created any file containing a ransom note, but it has been revealed that the Bananacrypt ransomware should create a notepad file named “readme.”
As soon as all files are encrypted by Banana ransomware, malware delivers a ransom note where cyber criminals give people instructions what they have to do. The full message of the ransom note:
Your files have been decrypted using a unique key, generated for this computer
Send 300 USD worth of bitcoin to the address below to obtain your key to decrypt your files
Dont waste your time looking for a way to decrypt your files. This is only possible using our decrypter
Ransomware-type cyber threats can be spread via:
- malicious ads that can be placed on legit and corrupted sites;
- fake software updates or downloads;
- exploit kits that take advantage of the outdated software or operating system.
Do not pay any ransom to these warnings and always remember to use a good Total Security program such as Max Total Security which will take regular daily back up on your hard disk or another computer on network to restore in such times.