If your computer is full of .txt files informing you about file encryption, the odds are that you are dealing with Pulpy ransomware, which encrypts files in numerous directories in an attempt to scare you into paying a ransom fee. You should not consider paying any release fee because cyber criminals are not interested in helping you. Ransomware infections should be removed from the computer once detected, but the Pulpy ransomware does that for you. The infection terminates itself once encryption processes are finished, but that does not mean that you should leave everything as it is. There are several preventative measures you should take, and we discuss those measures further in the text.
Our research on the infection has shown that the threat skips certain directories and file extensions. The directories bypassed by Pulpy includes Program Files, Windows, AppData, Microsoft, and some other folders. Additionally, the extensions that are excluded from the target list of the Pulpy ransomware are .ani, .cpl, .dat, .dmp, .drv, .hlc, icons, to mention just a few. Every file encrypted by the Pulpy ransomware gets an new extension, .aes next to the original one.
The Pulpy ransomware does not have a victim-friendly interface, which would contain a countdown for the ransom payment. Usually, a ransomware infection displays a program window-like warning containing instructions how to pay the ransom fee. The Pulpy ransomware creates only .txt files, which, as the analysis has revealed, shows victims different contact email addresses depending on the version of the threat. So far, two variants of the infection are known with the email addresses email@example.com and firstname.lastname@example.org. The Rapid ransomware is another infection operating in a very similar way and available as two separate versions with different email addresses provided in their ransom notes.
As for the content of the ransom warnings, the Pulpy ransomware gives a term of 2 days to pay the ransom. Cyber criminals behind ransomware campaigns have already gathered huge revenues from inexperienced and gullible computer users thinking that by paying up they would regain access to their lost data. The truth is that there is no guarantee that the attackers responsible for the Pulpy ransomware would bother to decrypt your data. If you contacted them via email, you would probably be required to pay a ransom of over $100 in Bitcoin, which is a currency that is very popular among cyber fraudsters. Bitcoin is crypto money that is not controlled by any central bank. Moreover, money transactions are made anonymously and are barely traceable, which only encourages black hat hackers to continue working on their deceptive plans.
In order to minimize the risk of confronting cyber crooks, it is necessary to stay away from unreliable software sharing websites promoting bundled software. Every time you launch a setup file, pay attention to the terms displayed so that you can prevent unwanted changes within the system. Ignoring spam emails is also important. Never should you click on the link or attachment in the email because that single click might start an avalanche of malware, and the consequences might be long-lasting, depending on how dangerous the threat installed is. In addition, you should not click on pop-up advertisements, especially on those with flashing warnings inviting you to scan the computer, take part in a survey, play an online game, etc. Pop-up ads are one of the means to distribute malware, or rather make the victim access a malware threat, so, beware of the risk involved when dealing with annoying pop-ups.
It is also necessary to pay attention to the operating system and software used. Your OS should be kept updated, and this applies to the software on your PC. It is advisable to have anti-malware installed because malware gets on the computer unnoticed, and you may not suspect that some illegal processes are taking place on your computer. Additionally, it is worth backing up files so that you can use the copies whenever you lost your files stored on the computer.
Even thought the Pulpy ransomware removes itself, that does not mean that your OS is malware-free. To make sure that no data-stealing or -destroying threats are running in the background, consider implementing a powerful malware removal tool.