SuddenTax Ransomware is a new ransomware infection that imitates Globeimposter Ransomware, judging from a ransom note it drops. Even though it shares similarities with the original threat, it has been given a new name because it marks encrypted files with the filename extension .suddentax. Yes, this ransomware infection is one of those nasty threats that lock victims’ files without mercy once they infiltrate their computers successfully. Without a doubt, cyber criminals distribute it because they expect that it could help them to obtain money from users. If you ever become one of the victims of this malicious application, do not even think about paying money to cyber criminals because you cannot know whether you could unlock your files by sending money to crooks. Also, it would be very naive to expect that malicious software developers will stop creating and releasing threats soon if they achieve their major goal – to extract money from users. You might encounter new threats they release yourself in the future, so our recommendation for you would be not to support cyber criminals. Instead, if you ever encounter SuddenTax Ransomware, erase this ransomware infection from your computer right away. If you do not remove its Value created in the system registry, it could launch automatically on system startup, meaning that it will search for new files to encrypt on your system each time you turn on your computer and your Windows loads up. We will explain to you at the end of this report how to get rid of this infection.
SuddenTax Ransomware is not a very sophisticated malicious application, but it is still considered a harmful infection because it ruins users’ personal files soon after it infiltrates their computers. It targets almost all files no matter where they are located. Luckily, it skips the %WINDIR% folder that contains system files. This means that you could use your computer normally after the successful entrance of this malicious application. You will soon find out which of your files have been locked by this threat – they all get the .suddentax extension. It is not the only sign showing that you have encountered SuddenTax Ransomware. If you can locate how _to_back_files.html in all affected folders, there is no doubt that this infection is the one responsible for locking data on your computer. This file is a ransom note that explains users why they can no longer access a bunch of their files and what can be done to unlock them. To be more specific, this infection demands 2 BTC, which is 21 170 USD at today’s price. You are the only one who can make decisions here, but if we were you, we would not send such a huge amount of money to crooks. If you do not receive the decryption tool from them, you will not get your money back either. Unfortunately, free decryption software that could decrypt files encrypted with the RSA encryption algorithm does not exist, which means that users can only restore their files from a backup. Unfortunately, there is no other way to restore encrypted data for free.
Malware researchers working at 411-spyware.com still do not have much information about the distribution of SuddenTax Ransomware, but there is no doubt that this infection slithers onto computers without the users’ knowledge and then mercilessly encrypts their personal files. According to specialists, the chances are high that users help malware to enter their computers themselves. For example, SuddenTax Ransomware could have entered your system after you had opened a malicious email attachment. Hundreds of harmful malicious applications are spread as attachments in spam emails, so do not open emails that are filtered to the Spam folder by your email provider. Of course, other distribution methods might be adopted to spread harmful infections as well, so having security software enabled on the system is what our security specialists recommend for ordinary users too.
SuddenTax Ransomware creates a Value in the system registry and copies itself to %LOCALAPPDATA% when launched, so its removal will not be very easy, but we are still sure you could erase it yourself manually if you use our manual removal guide. If, for any reason, you cannot delete this threat manually, download a powerful antimalware scanner and use it to remove this nasty infection. We are not going to lie to you – this removal method is more suitable for less experienced users if compared to the manual one.
|#||File Name||File Size (Bytes)||File Hash|
|1||ransomware.exe||57344 bytes||MD5: 67096c6b443417870c08e655692173b6|
|2||how_to_back_files.html||5680 bytes||MD5: 4aa02af3830771d064b27ba15e0a8ece|
|#||Process Name||Process Filename||Main module size|