Null ransomware requires more than 10 thousand dollars for data decryption

Null ransomware is a file-encrypting virus that uses AES cryptography[1] to corrupt various files on the targeted computer. It appends .null file extension and demands 2.2 Bitcoins for data recovery. After the attack, it delivers a ransom note in a pop-up window.
The ransom window has 5 tabs that include different information:
- What happened to my PC
- Encrypted files
- How do I recover my files?
- How do I send bitcoins?
- What is AES 256?
Compared to other ransomware-type viruses, Null malware demands a huge ransom. Currently, 2.2 Bitcoins equals to almost 10.500 USD. Sending this sum of money is not recommended. You cannot be sure that crooks provide you working decryption software. Besides, if you have at least some of your files backed up, you can use them together with third-party tools.
The ransom note explains about data encryption and provides the list of encrypted files. Victims can see that ransomware encrypts at the most popular files, such as video, audio, image, documents, archives, and similar.
However, authors of the Null virus do not provide any relevant information on how to pay the ransom.Crooks also tell that users should disable their security software because it might disable decryptor. However, we strongly recommend doing the opposite.
Nevertheless, ransomware creates numerous system changes and might affect various processes; it’s not likely to delete Shadow Volume Copies. Thus, data recovery might be possible with third-party software. But first, you have to remove Null from the computer.
You have to wipe out malware from the system using professional security program. For Null removal, we highly recommend FortectIntego. Running full system scan with this security software will help to eliminate this cyber threat safely.

Cyber criminals use multiple strategies to spread file-encrypting virus
Hackers rarely rely on one malware distribution method. Null ransomware is also being spread using several ways and methods, such as:
- malicious spam emails that include infected content, for instance, links or attachments;[2]
- malware-laden ads;
- illegal downloads;
- bogus software updates;
- fake program installers.
All these methods require user’s participation. Therefore, to avoid ransomware, you have to be careful with emails and do not open suspicious content. It goes without saying that illegal or suspicious downloads should not be considered too.
Security experts from Sweden[3] also remind that malware might spread using RDP and exploit kits. So, using strong passwords and keeping the software, as well as operating system, updated is necessary for protecting yourself.
Null ransomware elimination guidelines
The only safe way to remove Null ransomware from the PC is to use professional security software. Ransomware might create or modify Windows Registry entries, install numerous malicious files and affect legitimate system processes. Thus, trying to fix everything manually might end up with the damaged system.
Therefore, install FortectIntego, SpyHunterCombo Cleaner or MalwarebytesMalwarebytes. These programs are perfect for Null virus removal. However, you may need to reboot your computer to the Safe Mode with Networking first. The explanation how it’s done is presented below.
Was this guide helpful?
Be the first to comment