Ransomware 2016-06-01T05:52:30+00:00


Has your data been encrypted by Ransomware Virus?

Don’t Panic! Get in touch and we can help.

Download decryption tools, click here

We specialize in recovering data encrypted by Ransomware/malware.

Business or individual, we can help recover your data. To log an incident with our expert, please complete the “Request Help” contact form.

Dealing with a ransomware infection can be a stressful time and it is important that you entrust your valuable business data to a reputable and trustworthy specialist such as ER Data Recovery Services.

We can recover your data quickly and easily.


In early 2016, destructive ransomware variants such as Locky and Samas were observed infecting computers belonging to individuals and businesses, which included healthcare facilities and hospitals worldwide. Ransomware is a type of malicious software that infects a computer and restricts users’ access to it until a ransom is paid to unlock it.

Ransomware is a type of malware that infects computer systems, restricting users’ access to the infected systems. Ransomware variants have been observed for several years and often attempt to extort money from victims by displaying an on-screen alert. Typically, these alerts state that the user’s systems have been locked or that the user’s files have been encrypted. Users are told that unless a ransom is paid, access will not be restored.

Ransomware is often spread through phishing emails that contain malicious attachments or through drive-by downloading. Drive-by downloading occurs when a user unknowingly visits an infected website and then malware is downloaded and installed without the user’s knowledge.

Crypto ransomware, a malware variant that encrypts files, is spread through similar methods and has also been spread through social media, such as Web-based instant messaging applications. Additionally, newer methods of ransomware infection have been observed. For example, vulnerable Web servers have been exploited as an entry point to gain access to an organization’s network.


Systems infected with ransomware are also often infected with other malware. In the case of CryptoLocker, a user typically becomes infected by opening a malicious attachment from an email. This malicious attachment contains Upatre, a downloader, which infects the user with GameOver Zeus. GameOver Zeus is a variant of the Zeus Trojan that steals banking information and is also used to steal other types of data. Once a system is infected with GameOver Zeus, Upatre will also download CryptoLocker. Finally, CryptoLocker encrypts files on the infected system, and requests that a ransom be paid.

The following are some of the more common variants of ransomware:


• Locky
• CryptoWall
• CryptoWall 3.0
• CryptoWall 4.0
• DMA Locker

• CryptoLocker
• Crypt0L0cker
• LeChiffre
• CTB Locker
• Maktub

• TorrentLocker
• KeRanger
• CryptoHost
• TeslaCrypt
• Coverton
• Cerber