Remove Prometheus Ransomware

What to do after a ransomware attack

The Prometheus Ransomware is a file-encryption Trojan whose creators claim to be affiliated with the REvil Ransomware gang. While this is yet to be confirmed, it is clear that Prometheus Ransomware's file-locking mechanism is very strong – it is impossible to crack or reverse it via free utilities. Once the Prometheus Ransomware infects a computer, it will execute a swift attack meant to encrypt the contents of important files. When the Prometheus Ransomware locks a file, it will append an ew extension to its name, usually representing the victim's ID.

Of course, ransomware operators only have one thing on their mind – getting money from their victims. Prometheus Ransomware's creators are not any different, and their malware will drop two ransom notes that extort the victim for money. The documents, called RESTORE_FILES_INFO.hta and RESTORE_FILES_INFO.txt have similar contents.

The gang behind the Prometheus Ransomware project is also abusing a new tactic to extort the victim for money. Not only do they encrypt files, but they also steal the original copies and transfer them to their server. They threaten the victim that failure to pay the ransom fee will result in:

  • Having their decryption key purged.
  • Having their stolen data leaked or sold online.

Needless to say, these threats are very severe. However, paying the ransom fee is a terrible idea most of the time. If you agree to do this, the criminals may end up asking you for money or even ignoring your messages.

Co-operating with cybercriminals is never the right choice. If you are a victim of the Prometheus Ransomware, we suggest running an anti-malware tool to terminate the threat. After this, start restoring files from a backup or use alternative data recovery options.

July 2021 Update! - REvil Ransomware Cybercrooks Launch New Attacks on Hundreds of Businesses During July 4th Holiday

The cybercrooks behind the

The REvil Ransomware attacks were discovered on Friday, July 2nd right after REvil hackers used a software update to attack Kaseya’s remote desktop services. The attack prompted the company to shut down its SaaS servers to protect customer data. The precautionary measures taken potentially reduced the dire consequences of the attack. Other companies attacked may not have been so lucky as ransomware threats like REvil lock data through encryption and leave some organizations no other choice but to pay a substantial ransom fee potentially in the millions of dollars to get there data back.

By Ruik
May 27, 2021
Ransomware
English
May 27, 2021
Ransomware

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

5 years ago

What is the OperaGXSetup.exe File and is it Malicious?

11 months ago

Eporner.com And Why Its Excessive Pop-Ups Are Risky

11 days ago

HackTool:Win32/Crack: a Malicious Threat That Can Seriously...

7 months ago

Take Note: Someone Added You As Their Recovery Email Scam

10 months ago

A Potentially Serious Threat: Trojan:Win32/Suschil!rfn

18 days ago

Related Posts

Ransomware

Remove Coms Ransomware

The Coms Ransomware is a file-locker that you do not want to deal with. It is part of the infamous Dharma Ransomware family, and users who fall victim to its attack will not have access to a free decryptor. This... Read more

May 13, 2021
Ransomware

Remove CALVO Ransomware

The CALVO Ransomware is a dangerous file-encryption Trojan, which is part of the Phobos Ransomware family. If it manages to compromise your computer's security, it will carry out a devastating file-encryption attack,... Read more

May 17, 2021
Ransomware

Remove XiNo Ransomware

The XiNo Ransomware is a file-locker programmed to encrypt files, and then drop a ransom document that extorts the victims for money. It is based on the Xorist Ransomware project, which, fortunately, means that it may... Read more

May 24, 2021
English
Loading...

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2025 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.