Viamwasted ransomware – a file-locking parasite made to extort cryptocurrency from its victims

Viamwasted ransomware is a cryptovirus developed to lock data on a targeted computer or a whole computer network and then demand a ransom for a decryption tool that would supposedly unlock those files. Archives, documents, images, databases, backups, etc., are encrypted. System files are altered but left unlocked, in most cases. Threat alters settings to control the behavior of the virus.
During the encryption process, Viamwasted virus renames the files by appending .viamwasted extension to all personal data, hence the file-locking virus's name. As soon as that's done, ransom notes are created but in an unusual never before seen way.
It seems like each file is duplicated because each original filename receives a .viamwasted_info extension. All ransom note files carry the same message, i.e., they're identical, pushing its victims to reach out via two given emails – 43780@PROTONMAIL.CH and 18002@AIRMAIL.CC.
| name | Viamwasted ransomware |
|---|---|
| type | Ransomware |
| Appended file extension | Files renamed by adding .viemwasted extension to original filenames |
| Ransom note | Each file is duplicated, and a .viemwasted_info extension is added to their original filenames. All newly created files bear the same message |
| criminal contact details | 43780@PROTONMAIL.CH and 18002@AIRMAIL.CC |
| Distribution | Phishing emails, spam torrents, RDP attacks |
| Virus removal | All kind of malware, especially ransomware, should be deleted immediately with reliable anti-malware software |
| System tune-up | System repair tools like the FortectIntego app should be used to remove all changes done by the virus to the computer system settings and files |
The ransom note of Viamwasted ransomware is very short and uninformative. Cybercriminals state that the network was breached, and now all files are encrypted, along with backups. If the victims want their files back, they will have to establish contact via provided emails. The whole message reads:
VIAM.
Your network has been penetrated.
All files on each host in the network have been encrypted with a strong algorythm.
Backups were either encrypted or deleted.
Do not rename or move the encrypted files.
To get the files back contact us at: 43780@PROTONMAIL.CH or 18002@AIRMAIL.CC
Store the encryption key:
–
Unfortunately, in many cases, the data might be inaccessible without the intervention of the cybercriminals. But the victims should never consider paying the requested ransom. That money could fund future cyberattacks and research of far more devastating malware.
In addition to that, companies who met the cybercriminals' demands have reported[1] double recovery totals, then companies who didn't pay the ransom and instead invested in data recovery and system renewal. So whether you're an everyday computer user or a chairman of some company, Viamwasted ransomware removal should be your only concern now.

Before removing a file-locking virus infection, all encrypted data should be exported to external, offline storage because one day, a decryption tool could be created. The most effective way to remove Viamwasted ransomware from a device is by using professional anti-malware tools like SpyHunterCombo Cleaner or MalwarebytesMalwarebytes.
Ransomware is able to corrupt system settings and files without encrypting them. So when the infection is abolished, we recommend performing a system tune-up with powerful system repair tools like FortectIntego or similar to restore the default settings. You can ensure that Viamwasted virus is no longer damaging any crucial parts.
Guidelines for staying safe on the internet
Each and every day, the cybercriminals are developing and releasing new, more improved, more hazardous malware. That's why companies and everyday computer users should learn how to stay safe on the internet. And that's where we step in.

We've compiled a shortlist of suggestions that would increase your cybersecurity level and possibly help you to evade cyberattacks:
- Learn (or teach your staff) how to identify phishing emails and other ransomware delivery techniques
- Keep backups of sensitive data in two separate locations/devices, e.g., cloud, USB drives, etc.
- Acquire professional anti-malware software that would watch your back. Scan all content before downloading it
- Install all the latest updates (except beta versions) to your software, including the operating system
- Avoid using file-sharing platforms, like the torrent sites
- Regularly use system repair tools to maintain the system registry and other system components
Instruction for Viamwasted ransomware virus termination and system fix
New cyber threats are introduced each day. Due to the shift to remote working because of the COVID19 pandemic, ransomware attacks are increasing.[2] That's why we recommend purchasing a reliable anti-malware application like SpyHunterCombo Cleaner or MalwarebytesMalwarebytes that would protect from such threats.
Eliminating the infection might damage encrypted files, so before users remove Viamwasted ransomware, they should export all their locked data to an offline storage device, like a USB drive or anything similar. There's no decryptor available at this moment, but if one is created, we'll let you know as we update our readers with the latest news.
Although manual Viamwaster ransomware removal is possible, it can be a tall task even for highly-experienced users. It would be best to leave this dirty work to professional anti-malware software that would automatically pinpoint, isolate, and delete the infection with all its particles.
Once your device is virus-free, you should take care of its general condition. Experts[3] recommend using the FortectIntego tool to scan your entire device for any irregularities the infection might have caused and restore it to a pre-contamination phase.
Was this guide helpful?
Be the first to comment