Home / Parasites / Trojans / BBC Ransomware
Click on screenshot to zoom
Danger level 6
Type: Trojans
Common infection symptoms:
  • Slow Computer
  • System crashes
  • Connects to the internet without permission
  • Can't be uninstalled via Control Panel

BBC Ransomware

BBC Ransomware does not appear to have anything to do with the British Broadcasting Corporation, and it is unlikely to target BBC systems specifically. Instead, it is just another file-encrypting threat that was created to invade unguarded Windows operating systems and encrypt the personal files found within them. More specifically, it appears to encrypt files found in %APPDATA%, %HOMEDRIVE%, %PROGRAMFILES%, and %USERPROFILE% directories. Strangely, only .com and .mpg are spared. When files are encrypted by this malware, the “.[ID].[0x1service@protonmail.com].bbc” extension is added to their names, and while you can delete it easily, that will not help you read them. You need a decryptor for that, and when we analyzed the threat, it was not yet decryptable by any third-party tools. That is exactly what the attackers behind this malware need because they might convince victims to pay money for the decryptor they offer. Of course, we suggest that you focus on removing BBC Ransomware instead of wasting your savings.

As it turns out, BBC Ransomware is part of the PHOBOS Ransomware family. Other threats that belong to it, include Banta Ransomware, Calix Ransomware, Eight Ransomware, and Blend Ransomware. There are many others as well. These threats are likely to exploit bundled downloaders and spam emails to spread, and so you have to be particularly cautious about what you install and what emails you interact with. Of course, we advise deleting all emails in the spam folder without even opening them. BBC Ransomware can slither in only if there are no security defenses. So, if you have security software installed, but the threat managed to get in anyway, you need to think if you have failed to update it or perhaps if you need to find better software. After execution, the threat encrypts files immediately, and so there is no time to understand what is going on and stop the attackers. In fact, many victims might realize that they need to remove the infection only after their files are encrypted and two files are dropped on the Desktop.

The files that BBC Ransomware drops on the Desktop are named “info.txt” and “info.hta.” The first one has a very quick message, according to which, victims must send emails to 0x1service@protonmail.com and 0x1service@airmail.cc if they want to recover the corrupted files. The second file is much more detailed, and it informs that victims are expected to pay a ransom in Bitcoins in return for full decryption. Since there are not enough payment details, and even the sum of the ransom is not disclosed, the victim is forced to contact the attackers. Obviously, if you send the message, the attackers can extort money from you and feed you lies. They can continue doing that even after you pay the ransom. This is the main reason we do not recommend interacting with the attackers behind BBC Ransomware. Also, paying the ransom that is requested in return for file decryption is not a good move. We do not recommend that you waste your money. Instead, think about investing it in software that would keep malware away in the future.

If BBC Ransomware has encrypted incredibly important files, you might choose to at least consider following the attackers’ instructions. We do not recommend doing that, but you have to decide for yourself what is best in your situation. Hopefully, you do not need to take such a huge risk because you have backup copies of all important files stored somewhere safe. If you store copies outside their original location (preferably online or on external hard drives), you can delete BBC Ransomware and then replace the corrupted files. If that is not something that you can do in this situation, you need to set up a file backup immediately because no one can guarantee that you will not face similar malware in the future. First, remove the infection. Some might be able to do that manually. The guide below might help. Others might need anti-malware software that can delete malware automatically. We suggest installing this software in any case because besides eliminating dangerous threats, it also can ensure full protection for your Windows operating system.

BBC Ransomware Removal

  1. Delete recently downloaded files from these directories:
    • %TEMP%
    • %USERPROFILE%\Desktop
    • %USERPROFILE%\Downloads
  2. Go to the Desktop.
  3. Delete the files named info.txt and info.hta.
  4. Empty Recycle Bin.
  5. Install and run a legitimate malware scanner to check for leftovers.

N.B. To access the listed directories, enter them into the Explorer’s (tap Windows+E keys to access it) quick access bar at the top.

Download Spyware Removal Tool to Remove* BBC Ransomware
  • Quick & tested solution for BBC Ransomware removal.
  • 100% Free Scan for Windows
disclaimer
Disclaimer

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
 This is a captcha-picture. It is used to prevent mass-access by robots.

 
© 2006-2024 pcthreat.com  |  Terms of use |  Privacy policy |  About us |  Link to US