Remove Rookie Crypt Ransomware
Rookie Crypt Ransomware is a relatively unknown ransomware family, which was discovered online only recently. The ransom note of this threat is written in Turkish, which hints at two things – either the author is from Turkey, or the victims to be targeted by the ransomware are living in Turkey. Although the name of the file-locker is Rookie Crypt, there is nothing 'rookie' about its file-locking mechanism. It is impossible to reverse Rookie Crypt Ransomware's encryption without the use of a unique decryption key that is generated for each victim. This important piece of information is transferred to the attacker's server during the attack, and they will only provide it in exchange for money.
After the Rookie Crypt Ransomware is done with its attack, it will rename locked files by appending an extension, which contains the victim's unique ID. Typically, it is represented by three combinations of letters and numbers – e.g. '.9Z1-A01-591.'
The ransomware will also drop the 'Rookie-Crypt.txt' ransom note, which does not reveal much about the attack. It instructs the victim to send an email to rookiecrypt@gmail.com for assistance. Typically, ransomware creators avoid using Gmail since Google is very strict when it comes to their services being abused with malicious intent – it is probably a matter of days for the rookiecrypt@gmail.com email to be taken down.
So, what do you do if the Rookie Crypt Ransomware has damaged your files? Avoid contacting the attackers because they will ask for money – paying them is not recommended because you are likely to get scammed. Users affected by Rookie Crypt Ransomware's attack are advised to run an anti-malware application to eliminate the malicious app. After this, they can proceed to restore files from a backup, do a System Restore, or explore alternative data recovery options.