Danger level 7
Type: Trojans
Common infection symptoms:
  • Slow Computer
  • System crashes
  • Connects to the internet without permission
  • Installs itself without permissions
  • Can't be uninstalled via Control Panel

Alcatraz Ransomware

If Alcatraz Ransomware finds its way onto your operating system, there is a good chance that you will lose a lot of important files, as this malware infection encrypts them. This ransomware takes your files hostage in order to extort money from you in return for their decryption. Although there is currently no alternative way for you to recover your files, we still do not recommend paying money to these criminals. Of course, it is entirely your decision whether your files are worth the demanded ransom fee, but you should be aware that experience shows that crooks only rarely decrypt victims' files. So even if you transfer the money, you may simply be scammed and left without your files and your money as well. This is why we recommend that you remove Alcatraz Ransomware from your system right away.

This ransomware uses the most widely applied distribution method: spam e-mail campaigns. A malicious executable file is disguised as an image or text document and attached to a spam e-mail whose main purpose is to promote this attachment. This is why such spam is not easy to spot. It can seem to come from state or local authorities, reputable companies, and so on. The subject line is written to look urgent so that you open the mail and view the attached file. This is further pushed by the message itself, which usually does not reveal too much and is mainly used to point you to the most important part of the mail: the attachment. All in all, whether this spam ends up in your spam folder or your inbox, there is a good chance that you would want to open it even if you do not feel related to the subject matter.

This attachment can pose as a picture of an unsettled and critical invoice, an unpaid speeding ticket, details about an undelivered parcel, or wrong credit card details given while booking a hotel room or a flight. These are the most commonly used topics but, of course, the subject can be anything that would draw your attention to this mail. Another very important thing to know about this ransomware is that when you run the downloaded file to see its content, you actually initiate the attack. Therefore, if you delete Alcatraz Ransomware after it finishes encryption and shows you its ransom note, you will be too late to save your files. In other words, proper prevention is the only way to save your computer from such an attack. You need to be more cautious about opening e-mails and saving attachments. However, the best way for you to protect your PC is to install a powerful malware removal application, such as SpyHunter.

Once activated, this ransomware infection targets your %USERPROFILE% directory and its subfolders, and encrypts all your files, including .exe files, with the AES-256 encryption algorithm. The affected files get an ".Alcatraz" extension, which makes it quite easy for you to identify this threat if you were in any doubt. This infection also drops a ransom note called "ransomed.html" on your desktop, which is opened on your screen once the encryption is finished. This note claims that all your data have been encrypted, which is obviously a bit of an exaggeration. You are told to pay 0.5 BTC, which is around 360 USD, to the provided Bitcoin wallet address. You can find a little Q&A at the bottom, which is there to convince you that there is no other way for you to get your files back but paying the ransom fee. At the top, you can see a couple of help links in different languages leading to eq4vimjrejnmvdf2.onion.to/ransomed.php, where you are assisted in how to buy bitcoins.
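
The indicators described above (the ".Alcatraz" extension under %USERPROFILE% and "ransomed.html" on the desktop) can be inventoried with a short PowerShell script. This is an added example, not part of the original article; the function name Get-AlcatrazIndicators and the CSV file name are hypothetical.

```powershell
# Added example: read-only inventory, nothing is deleted or modified.
# Get-AlcatrazIndicators and the CSV file name are hypothetical names.
function Get-AlcatrazIndicators {
    param(
        [string]$ProfileRoot = $env:USERPROFILE,
        [string]$Desktop     = [Environment]::GetFolderPath('Desktop')
    )

    # Files with the ".Alcatraz" extension anywhere under the profile.
    # -Force includes hidden items; unreadable folders are skipped.
    # The Where-Object re-check avoids loose matches from the provider filter.
    $encrypted = @(Get-ChildItem -LiteralPath $ProfileRoot -Recurse -File -Force `
                       -Filter '*.Alcatraz' -ErrorAction SilentlyContinue |
                   Where-Object { $_.Extension -ieq '.Alcatraz' })

    # Count hits per top-level folder to see which areas were reached.
    $root = (Resolve-Path -LiteralPath $ProfileRoot).Path.TrimEnd('\')
    $byFolder = $encrypted | Group-Object {
        $rel = $_.DirectoryName.Substring($root.Length).TrimStart('\')
        if ($rel) { ($rel -split '\\')[0] } else { '(profile root)' }
    } | Sort-Object Count -Descending | Select-Object Name, Count

    [pscustomobject]@{
        ProfileRoot       = $ProfileRoot
        EncryptedCount    = $encrypted.Count
        EncryptedBytes    = [long]($encrypted | Measure-Object Length -Sum).Sum
        RansomNotePresent = Test-Path -LiteralPath (Join-Path $Desktop 'ransomed.html')
        # Earliest write time among encrypted files: a rough start of the attack.
        FirstWrite        = ($encrypted | Sort-Object LastWriteTime |
                                 Select-Object -First 1).LastWriteTime
        ByFolder          = $byFolder
        Files             = $encrypted
    }
}

$report = Get-AlcatrazIndicators
$report | Select-Object ProfileRoot, EncryptedCount, EncryptedBytes,
                        RansomNotePresent, FirstWrite | Format-List
$report.ByFolder | Format-Table -AutoSize

# Keep a file list to compare against a backup before deleting anything.
$report.Files | Select-Object FullName, Length, LastWriteTime |
    Export-Csv -Path (Join-Path $env:TEMP 'alcatraz-inventory.csv') -NoTypeInformation
```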

We believe that transferring ransom fees is always risky. For one thing, you would simply be supporting cyber criminals in their vicious endeavors; for another, you may not get the decryption key or tool after your payment. Technical issues could also arise, quite apart from the crooks not caring at all about your files. Unfortunately, we have not found any free tools on the web that could help you with the restoration of your files. Therefore, if you decide against paying, the only way for you to get your files back is to have a recent backup saved on an external drive. If you have never had one, most likely this attack will make you more alert. But even if you have a backup, you should still delete Alcatraz Ransomware as well as all the encrypted files if you want to recover your computer.

You may be surprised but it is not at all difficult to remove Alcatraz Ransomware from your system. It simply requires deleting a few related files and that is all there is to it. If you follow our guide below, you should be able to put an end to the existence of this beast. If you want to make sure that no such malware invasion takes place again, you should really become a more careful web surfer. Yet, the most effective way for you to defend your computer is to use a professional anti-malware program. Remember to keep this security tool always updated and activated to make sure that you are getting the best possible protection.

How to remove Alcatraz Ransomware

  1. Press Win+E to open File Explorer.
  2. Locate and bin the malicious .exe file you downloaded from the spam e-mail.
  3. Bin the .html ransom note file from the desktop.
  4. Empty your Recycle Bin.
  5. Restart your computer.
