Aurora Ransomware (sometimes called OneKeyLocker Ransomware) is new crypto-virus, that started circulating the web since the end of May, 2018. It uses DES algorithm to encode files and adds .Aurora extension, after which it got its name. After encryption ransomware creates several text files HOW_TO_DECRYPT_YOUR_FILES.txt, newest version creates single #RECOVERY-PC#.txt file, containing ransom note with contact information and instructions. Usually, viruses of this type ask for $100 – $500 in BitCoins. At the moment, there are no public decryption tool available. Full recovery is only possible with help of backups. You can preserve your files till actual decryptor will be created. Some data can possibly be restored using instructions on this page.
CryptON Ransomware or Nemesis Ransomware or X3M Ransomware is one of the most dangerous and wide-spread ransomware families. Currently, there are multiple successors of initial virus and several deviations built on another platforms. Cry9, Cry36 and Cry128 Ransomware came from this series. Virus uses mix of AES-256, RSA-2048 and SHA-256 encryption algorithms Latest discovered version is actually called CryptON Ransomware and uses .firstname.lastname@example.org extension for affected files. Ransom demand from 0.2 to 1 BitCoin for decryption. It is not recommended to pay the ransom as there are no guarantee malefactors will send decryption key. Use instructions on this page to remove CryptON Ransomware and decrypt .email@example.com, _x3m or _locked files from Windows 10, Windows 8 or Windows 7.
Bip Ransomware is another successor of Dharma/Crysis Ransomware family. New variation adds complex suffix, that ends with .bip extension, to all affected files. Bip Ransomware encrypts almost all types of files, that can be valuable to users, such as documents, images, videos, databases, archives, project files, etc. It is currently unknown, what type of encryption algorithm Bip Ransomware uses, but probably it is AES. Bip Ransomware usually demands from $1000 to $2000 in BitCoins for the decryption key. However, often hackers don’t send any keys and it is not recommended to pay the ransom. As for today, the 5-th of May 2018, decryption is not possible, however, you can attempt to decrypt your files from backups or trying file recovery software.
GandCrab2 Ransomware is a virus, that uses AES (CBC-mode) algorithm to encrypt user files. During the process ransomware adds .CRAB extension to encrypted files. Following successful encryption, GandCrab2 creates CRAB-DECRYPT.txt file. Unfortunately, due to using TOR payment pages, NameCoin servers and cryptocurrency, there is no way to track the hackers, unless they make a mistake. Decryption key of previous version of GandCrab became public due to data leakage from their servers. GandCrab2 Ransomware asks 0.5 – 0.8 Dash (cryptocurrency) , which is less then before, however it still can estimate from several hundreds to more than thousand dollars.
Arrow Ransomware is new file encryption virus from Dharma/Crysis Ransomware family. Malware uses AES encryption. Unlike previous versions, it appends .arrow extension to all encrypted files. Arrow Ransomware encodes almost all types of files that can be important to users, including documents, images, videos, databases, archives. Arrow Ransomware demands from $1000 to $2000 in BitCoins for the decryption key, that they actually rarely send out. Currently, decryption is not possible, however, you can decrypt your files from backups or trying file recovery software. There is also a slight possibility, that you will decrypt your files using tips and tricks described in this article.