Home Malware Programs Ransomware NOT_OPEN_LOCKER Ransomware

NOT_OPEN_LOCKER Ransomware

Posted: September 27, 2018

The Everbe 2.0 Ransomware appears to be still popular among cybercriminals, and it seems that a group of cybercrooks has reused the Everbe 2.0 code to create the NOT_OPEN_LOCKER Ransomware recently, a fully weaponized file-encryption Trojan, which locks files and then extorts their owners for money. Just like other file-lockers, the NOT_OPEN_LOCKER Ransomware also will carry out its attack as silently as possible, and it will only announce its presence when there are no files left to encrypt on the compromised computer.

All files corrupted by the NOT_OPEN_LOCKER Ransomware will have their names altered by including the ‘[notopen@countermail.com].NOT_OPEN’ extension (e.g. ‘archive.zip’ would be called ‘archive.zip[notopen@countermail.com].NOT_OPEN’). The ransom note is delivered at the end of the attack, and it is usually found on the desktop or in folders that contain encrypted files. The NOT_OPEN_LOCKER Ransomware uses the file ‘!_HOW_RECOVERY_FILES_!.txt’ to provide the victims with instructions on what they need to do if they wish to have their files decrypted.

Unfortunately, the decryptor offered by the authors of the NOT_OPEN_LOCKER Ransomware is not free, and they want to receive a hefty Bitcoin payment in exchange for the decryption software. Although this might sound like a legitimate offer, we assure you that sending money to the NOT_OPEN_LOCKER Ransomware’s authors is a terrible idea because the risk of being tricked is very high. Please note that the attackers offer to decrypt at least three files free of charge to prove that their decryptor works, and we advise you to take advantage of this offer. Even if they do get three of your files decrypted, you should still not risk sending them money.

If you believe that the NOT_OPEN_LOCKER Ransomware has taken your files hostage, then please make sure to run a trustworthy anti-malware software that will help clean up your computer off of this cyber-threat files immediately. Once the removal task is accomplished, you should try and use 3rd-party file recovery tools since they might be able to salvage some of your files. Also, make sure to preserve all files marked with the ‘[notopen@countermail.com].NOT_OPEN’ extension since their free decryption might become possible in the future.

Loading...