What is brutusptCrypt Ransomware?
The brutusptCrypt Ransomware is an encryption Trojan that, like many other, similar threats, may be delivered to computer users via compromised spam email attachments, corrupted advertisements and torrent websites. This is why computer users should always be careful when handling spam email content and unsolicited email attachment.
The brutusptCrypt Ransomware takes the victims' files hostage and asks for a ransom payment to give back access to the victim's files. The brutusptCrypt Ransomware enciphers the victims' files with a powerful encryption method and changes de names of any file compromised by adding the file extension '.brutusptCrypt' to the end of their original names.
Unfortunately, due to the encryption algorithm the brutusptCrypt Ransomware uses, the files compromised by the attack are not recoverable without a decryption software that the attackers keep in their possession. Once the brutusptCrypt Ransomware encrypts a file, it will become useless;
The brutusptCrypt Ransomware attack's main goal is to make the victims pay the asked ransom, which, in this case, is 1 BTC. The brutusptCrypt Ransomware's ransom note is delivered in a pop-up window and in a text file named 'Payment_Instructions.brutusptCrypt.txt' which will be dropped on the computer's desktop. The ransom note also provides an email address, francisco.henriques@airbus.com, that should be used to contact the attackers. However, contacting criminals or paying them a ransom is never advised. Instead, victims of the brutusptCrypt Ransomware and similar threats should take the necessary measures to be protected from them in the future.
The ransom note presented by the brutusptCrypt Ransomware to its victims reads:
'Your files have been encrypted!
But don't worry, you can recover them 🙂
Please send 1Bitcoin(s) to the following BTC address
1u8h3u23h3jCyb3r22mer97ptPSi12am1143
Next up, E-mail your transaction ID to the following
francisco.henriques@airbus.com
Airbus Cybersecurity wishes u a nice day! ;)'