- Slow Computer
- System crashes
- Connects to the internet without permission
- Installs itself without permissions
- Can't be uninstalled via Control Panel
It is high time we overview a new ransomware-type infection called Pizzacrypts Ransomware that is set to demand money from you but not before it encrypts some of the valuable files you may have on your PC. However, we recommend that you remove it from your PC provided that it has been infected. You should resist the temptation of paying the ransom because you might not get the promised decryption key especially if you use an unpopular email service provider (more on that below.) Alas, there is no decryption program that could decrypt your files for free, so if you have no valuable information on your machine, then we invite you to delete it using the instructions included at the bottom.
Evidently, an application such as this one cannot be bundled with legitimate software or featured on a dedicated website. Pizzacrypts Ransomware is pure malware, and it is distributed by sending fake emails disguised as invoices and receipts that contain a file archive that when extracted drops this infections executable to a location selected by the user and automatically launches to begin the encryption process. So you must exercise caution when opening emails that might not be addressed for you because cyber criminals count on your curiosity to get your PC infected. A good anti-malware program can prevent this ransomware from entering you PC, but if you do not have one, then you will not even notice the infection until it is too late.
After Pizzacrypts Ransomware has successfully infiltrated your computer, it will scan particular folders that include %PROGRAMFILES%, %PROGRAMFILES(x86), %userprofile%\Pictures, and %, %USERPROFILE%\Downloads for file formats such as .txt, .doc, .docx, .ppt, .img, .wma, and so on and encrypt them using a secure symmetric algorithm. We believe that this particular ransomware uses a variation of the AES encryption algorithm to encrypt the files and an RSA algorithm to encrypt the decryption key. While encrypting, this ransomware adds an firstname.lastname@example.org file extension, but the numbers are randomized.
After the encryption is complete, it will drop a text file named Pizzacrypts Info.txt which contains the ransom note. This note features email addresses in addition to other information necessary to get in touch with the cyber criminals so that they could give you additional instructions on how to pay the ransom. Currently, the email addresses are email@example.com and firstname.lastname@example.org. Take note that the cyber criminals want you to use Bitmessage which is a program that enables its users to send encrypted emails. The Bitmessage address is BM-NBRCUPTenKgYbLVCAfeVUHVsHFK6Ue2F. Furthermore, the criminals want you to use Gmail to send the email because if you use another email service provider, then they might not receive it.
Pizzacrypts Ransomware’s developers warn you not to try to decrypt the files using a third-party decryption tool because you will distort the encryption and damage them beyond repair. They use scare tactics to compel you to purchase the decryption key for which they may ask a substantial amount of money. It is likely that they will want you to pay the ransom in Bitcoins, and the ransom should range from a few hundred to thousands of dollars, you paying the ransom may not be worth the files.
In conclusion, Pizzacrypts Ransomware is a simple yet dangerous infection that can cause you many problems if your computer is unprotected. It has been configured to encrypt your files and demand money for getting them back. We do not recommend that you pay the ransom because the chances are that you will not receive the decryption key. We do, however, recommend that you remove it manually, or using our featured anti-malware tool SpyHunter because this ransomware’s name is random and you may have trouble identifying it. You should find this infection’s executable in the folder where you have extracted it because testing has shown that it does not create copies.