Remove GoNNaCry Ransomware

Ransomware attacks continue to be the #1 threat to computer users. Malware of this type has the ability to cause long-lasting damage to the files of its victims. This way, even if the malicious program is removed, the damage it caused will still not be fixed. Unfortunately, recovering from a successful ransomware attack may often be borderline impossible. For example, the GoNNaCry Ransomware uses a flawless file-locking mechanism, and this renders free decryption tools useless. The only reliable way to recover files that the GoNNaCry Ransomware damages is to restore their original copies from an up-to-date backup.

The authors of this ransomware may be delivering it to potential targets via social media or email spam, fake downloads, pirated media/software, and other shady content. Once the malicious executable is launched on an unprotected device, the GoNNaCry Ransomware will immediately drop its files to system folders and set off the attack. It aims to encrypt the contents of commonly used file formats like documents, images, archives, etc. Once it locks a file, it appends the '.GoNNaCry' suffix to its name. Finally, it ends its attack by creating the ransom message 'GoNNaCry.html' on the desktop.

The ransomware gang behind this campaign offers a decryption service that would cost users $400 via Bitcoin. However, we assure you that trying to purchase anything from ransomware developers is an awful idea that is unlikely to end well for you – it is likely that you will be extorted for more money if you end up paying.

So what should you do as a victim of the GoNNaCry Ransomware? As mentioned above, using the email GoNnaCrypt@protonmail.com to contact the criminals is not the correct approach. Instead, you should run a reputable antivirus tool to eliminate the GoNNaCry Ransomware and prevent it from causing more damage to your data. Once the ransomware has been disposed of, you will be able to experiment with alternative data recovery software and techniques.