Gorgon Ransomware happens to be another version of FilesLocker Ransomware that targets users in Korea, China, and the English-speaking countries. This is actually good news because FilesLocker Ransomware and other similar infections can be decrypted. Therefore, you do not need to scramble in search of options to restore your files. You just need to remove Gorgon Ransomware for good, and then refer to cybersecurity specialists for the publicly available decryption code. You would also do well if you were to protect your system from similar intruders in the future.
When this program enters your computer, it starts encrypting target files immediately. Once the files have been encrypted, you will notice the difference at once. Encrypted files will have the ‘.[firstname.lastname@example.org]’ extension appended to their filenames, and the system will no longer be able to read those files.
Just like most of the infections in the same group, Gorgon Ransomware will also play an audio file that says the following: “Hello. Attention! Your documents, images, databases and other important files have been encrypted!” If you keep your speakers on all the time, this notice might really take you by surprise.
The surprise element is something that is extremely important for any ransomware infection. They need you to panic so that you would be more willing to spend your money on the decryption key. The ransom note says that you have to pay 0.3 BTC (a bit over $1,000) for the decryption key. It says that the criminals behind Gorgon Ransomware will send you the decryption tool once you have transferred the payment.
However, there is no guarantee that these people would really send you this tool. What’s more, since there are public decryption tools available, you should not spend your money on these things. Of course, it is never a good idea to give your money away to these criminals in the first place. Just bear in mind that to use the public decryption key, you will need the ransom notes, so do not delete them along with Gorgon Ransomware.
Also, you have to avoid similar infections in the future, so please be careful whenever you are about to open an email attachment received from an unknown sender. It is always a good idea to double-check before you open anything. What’s more, if you think that you must have the file, but you do not know if it is safe, you can also scan it with a security tool, and you will know for sure.
On the other hand, Gorgon Ransomware does not create any Point of Execution, so you do not need to modify your Windows Registry entries, and it is rather easy to remove Gorgon Ransomware manually. The program will try to harvest and stream your browser information (like your history and saved passwords), so the sooner you get rid of it, the better. You should also run a full system scan with a legitimate security tool of your choice to make sure that there are no other dangerous intruders on your system.