RemindMe Ransomware

Posted: April 25, 2016

Threat Metric

Threat Level: 10/10
Infected PCs: 15
First Seen: April 25, 2016
OS(es) Affected: Windows

The RemindMe Ransomware is a threatening file encryptor that blocks your access to your data with an encryption routine, forcing you to pay its perpetrators for a decryption service tailored to your infection. Although some threat authors do provide real decryption services, the natural risks of such transactions make it preferable to use any other means of restoring encrypted content whenever possible. Malware experts also stress using backups to limit the RemindMe Ransomware's damage and anti-malware tools to delete the RemindMe Ransomware properly.

A Trojan's Reminder You Won't Soon Forget

Successfully profiting from a threat campaign isn't always a matter of doing something different from the competition. Since the rise of CryptoLocker in 2013, con artists have been using minor variations of the same code and tactics to deliver new attack campaigns, as seen with the RemindMe Ransomware. This Trojan dates to 2016 and has no public decryptor available to help victims reverse its attacks while avoiding its ransom demands.

Using distribution strategies not yet verified, the RemindMe Ransomware installs itself automatically and then scans your hard drives for suitable targets. Files most likely to be encrypted by the RemindMe Ransomware include those of popular Microsoft Office formats, along with general media formats, such as JPG or MP3. Besides adding the '.remind' extension to the name of each file, the RemindMe Ransomware also runs an encryption process, preventing you from opening them.

The RemindMe Ransomware's payload concludes by placing both TXT and HTML files in the same directories as any encrypted data. Both file formats contain the same ransom message, which demands an unusually high Bitcoin payment (a USD value of over eight hundred) and gives advice on how to make the transaction. Like the Jigsaw Ransomware and the CryptoBit Ransomware, the RemindMe Ransomware also places its victims under a sharp time constraint by threatening to delete any unpaid-for data after five days.

Getting out of a File Ransoming Attack without a Cent Paid in Ransoms

PC owners with truly essential data on their machines should use non-local backup strategies as a straightforward means of recovering from the RemindMe Ransomware attacks. A majority of threats in the RemindMe Ransomware's classification will take action against local, Windows-based backups, but malware analysts see relatively few of them possessing the functions necessary for compromising cloud server accounts. Additionally, disconnected storage devices, such as the ubiquitous USB drive, can always restore your data from safe backups, thereby making the theoretical inviolability of this threat's encryption irrelevant.
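As an added example (not part of the original article), the following Python sketch inventories files carrying the '.remind' extension and checks which of them have a copy in a backup tree, producing a restore plan. The function names, the sample tree, the note name `NOTE` and the same-stem heuristic for spotting the TXT/HTML notes are assumptions for illustration; the article does not give the ransom note's file name.

```python
import os
import tempfile
from pathlib import Path

SUFFIX = ".remind"               # extension the article says is added to each file
NOTE_TYPES = {".txt", ".html"}   # note formats per the article; note names are unknown

def build_restore_plan(infected_root, backup_root):
    """Map every '.remind' file to the backup copy of its original name."""
    infected_root, backup_root = Path(infected_root), Path(backup_root)
    plan = {"restorable": [], "no_backup": [], "note_candidates": []}
    for dirpath, _dirs, files in os.walk(infected_root):
        here = Path(dirpath)
        hits = sorted(f for f in files if f.lower().endswith(SUFFIX))
        if not hits:
            continue             # notes only matter next to encrypted data
        for name in hits:
            # Assumption: the original name is the encrypted name minus the suffix.
            original = (here / name[: -len(SUFFIX)]).relative_to(infected_root)
            bucket = "restorable" if (backup_root / original).is_file() else "no_backup"
            plan[bucket].append(original.as_posix())
        # Heuristic (assumption): a TXT/HTML pair sharing one stem beside encrypted
        # files is a likely ransom note; list it for review, do not auto-delete.
        stems = {}
        for f in files:
            p = Path(f)
            if p.suffix.lower() in NOTE_TYPES:
                stems.setdefault(p.stem, set()).add(p.suffix.lower())
        for stem, kinds in sorted(stems.items()):
            if kinds == NOTE_TYPES:
                rel = (here / stem).relative_to(infected_root)
                plan["note_candidates"].append(rel.as_posix())
    return plan

def demo():
    """Build a constructed sample tree (not real infection data) and plan it."""
    with tempfile.TemporaryDirectory() as tmp:
        live, backup = Path(tmp, "live"), Path(tmp, "backup")
        for rel in ("docs/report.docx.remind", "docs/NOTE.txt", "docs/NOTE.html",
                    "music/song.mp3.remind", "clean/readme.txt"):
            (live / rel).parent.mkdir(parents=True, exist_ok=True)
            (live / rel).write_bytes(b"constructed sample")
        (backup / "docs").mkdir(parents=True)
        (backup / "docs/report.docx").write_bytes(b"backup copy")
        return build_restore_plan(live, backup)

if __name__ == "__main__":
    for bucket, items in demo().items():
        print(bucket, items)
```

Run the plan against a mounted copy of the affected disk and a backup that was disconnected during the attack, and restore only after the machine has been cleaned.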

Once its encryption and message-dropping routines finish, the RemindMe Ransomware has no further observed functions. Despite its limited focus, the RemindMe Ransomware's presence may correlate to other security issues, including the installation of backdoor Trojans and other threats that could give fraudsters access to your PC. Using dedicated anti-malware products for deleting the RemindMe Ransomware while scanning the rest of your machine will prevent related threats from continuing to cause problems beyond the scope of the initial encryption attack.

Because the RemindMe Ransomware's campaign is recent, malware experts can provide no information regarding free decryption services for encrypted data. However, PC users with appropriate backup strategies should, as usual, find it easy to ignore this limitation.