1 of 2
Danger level 7
Type: Trojans
Common infection symptoms:
  • Slow Computer
  • System crashes
  • Slow internet connection
  • Connects to the internet without permission
  • Installs itself without permissions
  • Blocks system files from running
  • Can't be uninstalled via Control Panel

XAMPP Ransomware

XAMPP Ransomware, also known as Xampp Locker Ransomware, is a new infection, and it appears that it is still in development. This malicious threat is yet another file encryptor that is capable of requesting a ransom. Surprisingly, this infection asks a ransom of 2.20€, which is very small, especially if you compare it to other threats that demand hundreds or thousands of Euro. Unfortunately, it is quite possible that this initial fee will change and that the victims of newer versions of this threat will be asked a lot more. If that has happened to you, please leave a comment below explaining your situation. In fact, it is unlikely that many users – or any at all – will face the current version of this devious ransomware. In either case, we have a few tips that can help you remove XAMPP Ransomware and reinstate your operating system’s protection. If you are interested in this, keep reading.

The suspicious XAMPP Ransomware was first spotted at the beginning of February 2017. It appears that since then the infection has only been spread via corrupted spam emails, but we do not dismiss the possibility that other methods of malware distribution could be used for the dispersion of this dangerous ransomware. Your contact details – including your full name and email address – could have been extracted a long time ago with the assistance of misleading surveys or prize giveaways. Malicious tracking cookies could have recorded and leaked this information as well. Once this data is in the hands of malware distributors, they can use it to expose you to all kinds of malware. XAMPP Ransomware is executed via an .exe file that could be introduced to you as a document or a photo via a spam email. If nothing shows up once you open the file, you should become suspicious immediately. Unfortunately, most users just ignore this, and that allows the ransomware to start its malicious processes.

When XAMPP Ransomware is executed, it goes after .txt, .doc, .png, and .html files. Surprisingly, it only targets the files that are located in the C:\xampp\htdocs folder. As you might know already, Xampp is an open source cross-platform that can be used for PHP development. Needless to say, this is where the name of this infection comes from. When the files are encrypted, it adds the “.locked” extension to them, and this extension has been employed many times before by such ransomware threats as OzozaLocker Ransomware and CryptoSweetTooth Ransomware. All in all, it is possible that XAMPP Ransomware will be upgraded to encrypt files in multiple directories. Also, it could start targeting even more kinds of files. If that happens, it is most likely that the name of this ransomware will be modified as well. Of course, there is always a possibility that this is the final version of the threat, and this is why we focus on it specifically.

If XAMPP Ransomware has slithered in and encrypted files, you must have already been introduced to the ransom demand. The demand is quite surprising. First of all, you are only given 2 hours to pay the ransom of 2.20€. Second, you are requested to address the payment to Alessandro Nava, which is a very specific detail that we have not seen in other ransomware infections. Are you willing to pay the ransom? If you are, you need to think carefully if the files are worth it. If they are backed up, or if they do not hold important information, you should delete XAMPP Ransomware instead of worrying about the payment. Of course, even if you pay the ransom, you need to remove this infection, and you need to do that ASAP.

As you can see by looking at the guide below, the removal of XAMPP Ransomware is not a big deal, as long as you can identify the malicious launcher that this infection uses. If you cannot identify it – though you should if you have downloaded it yourself from a spam email – it is best to acquire an anti-malware tool that will find and delete XAMPP Ransomware automatically. Keep this tool installed if you want to have your operating system guarded against malware in the future.

XAMPP Ransomware Removal

  1. Right-click the launcher file.
  2. Select Delete.
  3. Empty Recycle Bin.
  4. Install a malware scanner to thoroughly inspect your PC for potential leftovers.
Download Spyware Removal Tool to Remove* XAMPP Ransomware
  • Quick & tested solution for XAMPP Ransomware removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.