The Bananacrypt ransomware, spotted in January 2018, is a destructive program that is supposed to encrypt files using AES encryption. The threat is programmed to append the extension .bananaCrypt to every affected file and create a notepad file containing a ransom warning. Such behavior is typical of the vast majority of ransomware infections, which can access computer in different ways. The Bananacrypt ransomware may not execute these steps due to some errors in the code. An analysis of the threat has shown that the infection may cause no damage to file data, but that does not mean that the threat cannot be revamped in the near future to fulfill the schemers' goals. Yet, if your files have been damaged by the Bananacrypt ransomware, which you have identified by the file extension, you should not wait but remove the threat as soon as you can.
As regards ransom notes created by ransomware, it is highly important to ignore the requirements given in those warnings. So-called ransom notes usually state that all your files are now encrypted, and that the only way to reverse them into their original format is by launching a decryption tool or applying a decryption code. In the case of the Bananacrypt ransomware, the victim is asked to purchase a decryptor. Specifically, a sum of $300 in Bitcoin is demanded in return to the lost data. The money has to be send to the account asdffdsaasdf. The requirement is no surprise to malware researchers, because all ransomware threats targeting individuals demand more or less affordable amounts of money. In cases when the whole network of computers and servers are taken hostage, much higher sums are required for data recovery.
Over years, ransomware developers have gained new skills in malware coding but use more or less the same malware distribution methods to inject malware to unprotected systems. For example, scam emails, mostly phishing emails, and drive-by downloads are still in use. Brute-force RDP attackers are also being used to distribute malware, so, if you want to be secure on the Internet, ignore questionable email, browse only reputable websites, and use strong passwords for remote access services.
The increasing revenues suggest that the attackers are becoming more greedy and that victims have not lost their hopes that they will regain access to their lost data.
For example, it is estimated that 60% of Australian businesses have been affected by ransomware, and as much as 57% agreed to pay the demand money. The results also show that out of three organizations that paid, nearly one did not have the data restored.
Malware researchers and law enforcement agencies, including FBI, warn both individual users and businesses to create recovery strategies and prioritize security. Valuable data, no matter in what form it is, should be backed up and stored on off-line devices or on a cloud backup that is not connected to the network that could be infected. The systems and software programs should be kept up-to-date, and this applies to individuals and businesses alike. Implementing anti-malware programs that are capable of fighting malware, spyware, and ransomware is also vital in order to prevent severe damage, because only a combination of different measures guarantees online security.
There are many other threats that are more dangerous than the Bananacrypt ransomware. If the infection has not damaged your files, you can backup your data and shield the OS from malware.
In order to remove the Bananacrypt ransomware manually, no complex procedures are necessary because the threat does not create additional files. All that you should do is remove its executable, which can be named randomly, which is another reason why you should consider implementing a reputable security program that can remove Bananacrypt for you.