AES stands for “Advanced Encryption Standard,” and it is used by Enigma Ransomware to encrypt your personal files. The files encrypted by this infection are not difficult to identify because of the “.enigma” extension attached to them. This threat is likely to target your personal files, which it can determine by their file types. All photos, videos, other kinds of media files, documents, PDFs, text files, and other sensitive, hard-to-replace files will be encrypted by this malicious ransomware. Immediately after this, the infection will execute the enigma.hta file to showcase a notification that includes all of the demands. Needless to say, these demands are represented in Russian. The notification includes a Wikipedia page regarding the AES encryption algorithm, so that the victim would learn more about it. Needless to say, regular computer users will be overwhelmed by the information provided on this page, and this is exactly what the creator of this ransomware wants. The more confused users are, the more likely they are to simply follow the demand of paying a ransom. Here is an excerpt from the ransomware note.
If you follow the demands and download the Tor browser and visit the website you are requested to visit, you will need to register with an RSA key that is in this format: ENIGMA_[ID].RSA. After this, you will be introduced to the amount of Bitcoins you need to pay in order to retrieve a decryption tool. It is likely that the ransom will be different for every user, but you can expect it to start at 0.4 BTC, which is around 180 USD. The problem is that paying this huge ransom does not provide a guaranteed way out of this mess. Some users report that their files remain locked even after paying the ransom, which is why you have to be careful when making the decision to pay the ransom. If you do not want to waste your money for no good reason, you should seek out other ways to restore your files first. Unfortunately, at the moment, tools that could decrypt the files encrypted by Enigma Ransomware do not seem to exist, which means that you have two options – to succumb to the demands of cyber criminals or to ignore them and lose your files.
Even if you delete Enigma Ransomware from your operating system, your files will remain encrypted. Of course, that does not mean that you can ignore this infection. Whether you manage to decrypt your files yourself or by paying the ransom, or you lose them, this malicious threat might target new files, and it might open security backdoors. We have seen plenty of malicious ransomware infections that were downloaded by clandestine Trojans, and there are no guarantees that additional malware does not exist on your own computer. If you choose to follow the steps shown below, make sure you also scan your operating system to see which other threats you need to delete. Of course, we recommend implementing anti-malware software to have these threats (including the ransomware) erased automatically. If this is the option you choose, install a trustworthy anti-malware tool and let it erase all active infections. Should you have any more questions for us, you can post them in the comments box below.
Enigma Ransomware Removal