Remove Block Ransomware

The Block Ransomware Is a file-locker that appears to be the product of Russian-speaking malware developers. The goal of this Trojan is to cause long-lasting damage to files, and then extort the victim for money. It tries to convince users to pay by telling them that this is the only way to restore access to their files. According to Block Ransomware's creators, there is no point in using 3rd-party data recovery tools – they will not help, and the files may suffer more damage.

We assure you that Block Ransomware's creators are bluffing in an attempt to convince you to meet their demands. Although their ransom message, called 'readMe!.txt,' does not specify the ransom amount, their services will not be cheap. Typically, ransomware operators ask for hundreds of dollars, and they want to be paid through a cryptocurrency like Bitcoin or Monero. This requirement is not surprising – it helps them preserve their anonymity, and prevents users from reversing or tracking the transaction.

Block Ransomware Uses a Ransom Note in Russian

Victims of the Block Ransomware will notice several major changes to their system. Their documents, media, archives, databases, backups, and other files will be inaccessible. These files will also have a minor change to their name – the '.block' extension will be added next to the original filename. As we mentioned above, the 'readMe!.txt' ransom note will also be available for users to read. The criminals do not reveal much about the amount of damage their attack caused. Instead, they ask the victim to contact yaga.babushka@yahoo.com, and to supply the victim ID found in the ransom note. We advise you to avoid doing this – the criminals might scam you. The lack of any proof that their decryption service is reliable is a good enough reason to avoid paying the ransom fee. Instead, eliminate the threat with antivirus software, and they experiment with data recovery options.

October 6, 2021