Storagecrypter Ransomware is supposed to be a dangerous malware infection that can encrypt all your important files in a short time; however, it seems that right now the server is down so no encryption may take place at all. This can also mean that the ransomware program itself may not be finished and that is why it does not work fully, but there are users who have reported encryption by this threat. In any case, it is important for you to learn about the details surrounding this malicious attack so that you know how to protect your PC more efficiently from future attacks. Although we always say that it is important to have a backup of your files either in cloud storage or on a removable drive, it seems that in this case even cloud storage would not be safe enough as this dangerous ransomware has capability to encrypt your files in your cloud storage as well by hacking into it. Therefore, we recommend that you remove Storagecrypter Ransomware immediately even if your files seem to be unaffected.
There are a couple of ways for cyber criminals to spread such a dangerous threat. It is possible that you infect your system by opening a spam e-mail and running its attachment. This spam mail can be very deceiving and may trick even more experienced users into wanting to see its content, i.e., the attachment itself since the message body will not really reveal too much about the supposed urgent matter this spam refers to. Your curiosity is at play here; and, this spam can definitely make you curious even if you do not feel related to the alleged issue. You need to know that your spam filter is not 100% protection since it can make mistakes. In fact, it may place totally legitimate and important mails in your spam folder. This is why a lot of users keep checking this folder for possibly misplaced mails and this is how they may believe that this spam is indeed urgent. Please remember that once you try to view the attached file, you cannot remove Storagecrypter Ransomware without losing your files if this is a working version.
It is also possible that you click on the wrong third-party content while surfing the web and this is how you land on a malicious page that is armed with Exploit Kits. If your browser or (Java and Flash) drivers are not up-to-date, there is a good chance that such a dangerous ransomware infection is dropped the moment this malicious page loads. This is why it is essential to keep all your browsers and drivers as well as all other software on your system always updated unless you want to end up having to delete Storagecrypter Ransomware or any other threats.
As we have mentioned earlier, the samples we have found and tested did not really fully work. This could mean that the Command and Control (C&C) server may be down or that those samples were unfinished. But we can still confirm certain aspects of this attack based on our research and user reports. It seems that the malicious executable file is copied to "C:\windows" and is named "smss.exe." This ransomware can encrypt your photos, videos, audios, documents, archives, in other words, the usual personal files that other ransomware infections also target. The encrypted files are supposed to append a ".locked" extension, which we have seen a couple of times already in other cases as well.
This ransomware program drops a ransom note text file called "_READ_ME_FOR_DECRYPT.txt," which contains information about the encryption and how you can get your files recovered. You have to send 0.4 BTC, around 4,960 USD, to a given Bitcoin address. Then, you have to send an e-mail to "JeanRenoAParis@protonmail.com" with your "Decrypt-ID" to finally get the decryption key in a reply. Before you transfer the money, you are given the opportunity to send up to two small files to be decrypted for free. In any case, we do not recommend that you pay any money to these cyber crooks because they may ask for more once you do so. There is absolutely no guarantee that you will receive the decryption key. Thus, we advise you to delete Storagecrypter Ransomware right away.
Since this infection does not seem to lock your screen and disable your system processes, it should be quite easy to eliminate it no matter how dangerous this threat may be. We suggest that first you kill the malicious process via Task Manager if it is still running in the background. Then, you can delete all related files and restart your machine. Please follow our guide below if you are ready to act. If you want to give your PC the best possible protection, we advise you to install a reliable anti-malware program, such as SpyHunter; the sooner, the better.