Remove Baxter Ransomware

Ransomware and Weak Passwords

Ransomware continues to be the most profitable threatening implant that cybercriminals worldwide rely on. These threats have become very prominent due to how accessible they are – criminals do not need to build one from scratch and, instead, they can use one of the pre-made ransomware families like VoidCrypt. The latter ransomware family has been around for about a year, and it has already been used to give birth to dozens of file-lockers that use an undecipherable file-locking mechanism.

If the Baxter Ransomware ends up on your computer, you will lose access to documents, backups, video, media and other important files. The Baxter Ransomware uses a unique extension to mark the names of the file it locks – '.[karusjok@gmail.com][<VICTIM ID>].baxter.'

Finally, the Baxter Ransomware will end its attack by creating a ransom message 'Decrypt-info.txt.' This file contains a message identical to the one found in other versions of VoidCrypt. It urges the victim to prepare to pay a decryption fee via Bitcoin, as well as to email the attackers at karusjok@gmail.com. The criminals warn the victim that any attempts to try alternative data recovery options may end up damaging their files beyond repair.

You should not trust Baxter Ransomware's operators because they may try to trick you – even if you agree to pay, there is no guarantee that you will receive a decryptor. If you suspect that the Baxter Ransomware has harmed your files, then your first step should be to run an anti-virus application to ensure the malware's full removal. After this, start restoring files from a backup or use alternative data recovery options. 

June 11, 2021