Gibon Ransomware

Researchers at pcthreat.com have come across new crypto-malware recently. It is called Gibon Ransomware. It was definitely not one of those prevalent infections at the time of writing, but, according to our specialists, this might change soon because it is available in the black market and can be purchased by anyone. It is a newly-discovered infection, but it does not differ much from older threats. It has also been developed seeking to obtain money from users easier. Also, it locks files it finds stored on the affected computer the first thing following the successful entrance. There are two symptoms showing that Gibon Ransomware is the one responsible for encrypting your files: 1) you cannot open the majority of your files and they all contain the .encrypt extension and 2) there is a new file READ_ME_NOW.txt on Desktop. You should erase the ransomware infection from your system right away because it might encrypt your new files again even though it does not have a point of execution (PoE) and cannot launch automatically on startup. The encryption of files might take place again if you accidentally open its launcher.

Gibon Ransomware will surely not leave your files intact if it ever slithers onto your computer because it has been programmed to encrypt users’ files right away so that crooks behind it would have a chance to extract money from users. This ransomware infection encrypts all kinds of files, including videos, pictures, music, and other files. All these files are marked by the .encrypt extension, so users soon notice a bunch of encrypted files and thus realize that the ransomware infection has entered their computers. Although the ransom note (READ_ME_NOW.txt) is dropped on Desktop by this ransomware infection, it does not tell users how they can unlock their files. They are only told that they need to write an email to the provided email address (e.g. bomboms123@mail.ru) to “restore the files.” Do not waste your time on writing emails to cyber criminals because it is already clear what they want from you – your money. They will promise to give you the decryption tool or decrypt files for you, but it does not mean that you should go to send money to them. Yes, it might be the only way to decrypt those encrypted files, but you should still not send a cent to cyber criminals because you might be left without your files and your money. It does not mean that you could not get your files back if you do not pay money to malicious software developers. If you have copies of your files, you could restore them at any time after the Gibon Ransomware removal for free.

No doubt the ransomware infection has infiltrated your computer if you can no longer access your files and they have .encrypt appended. It is not easy to talk about the distribution of malicious applications that are not popular, but specialists have already observed that ransomware infections are usually spread using the same methods, so Gibon Ransomware should also be distributed via spam emails mainly, according to them. Most likely, it is not the only method that will be adopted to promote it. The chances are high that this threat will also be placed on third-party pages free software can be downloaded from. Therefore, you should be very careful if you tend to download software from P2P pages too. It is, of course, not always that easy to prevent ransomware infections from entering the system, so you should have a reputable security application enabled on your computer too. It will not only allow new crypto-malware to slither onto your computer in the future, but it will also not let other harmful infections infiltrate your computer illegally.

You can delete Gibon Ransomware from your system quite easily. You will erase this threat from your computer by removing its dropper. Since it has a random name and it might be hard to find it, you should simply delete all recently downloaded suspicious files from your computer. If you cannot call yourself a very experienced user, you can delete this malicious application from your computer by scanning it with an automated malware remover. There are thousands of scanners to choose from, but you should know that some malicious applications might pretend to be reputable antimalware scanners too. Be careful!

How to delete Gibon Ransomware

1. Open Explorer (press Win+E).
2. Open %USERPROFILE%\Desktop and %USERPROFILE%\Downloads.
3. Delete all recently downloaded files from these places.
4. Empty Recycle bin.