Aac Ransomware

What is Aac Ransomware?

Aac Ransomware is a new variant of the NMoreira Ransomware infection that was discovered last year. It is believed that both infections were created by the same cyber criminal or group of cyber criminals, but there is no denying that they have many differences. For example, the original ransomware was found to remove itself after the encryption was complete, appropriate registry keys were added, and the ransom note file was created. Our Anti-Spyware-101.com research team has not observed this to be the case with the newer variant. Also, the messages hidden in the launcher file are different. The first original one was specifically addressed to the malware research community, while the new ransomware has a message for researchers who managed to decrypt NMoreira Ransomware. At the time of research, a decryptor that would work with the new version of the threat did not exist, and it is possible that it will not be developed at all. While the decryption of files might be impossible, deleting Aac Ransomware is something anyone can handle, and that should be done sooner rather than later.

How does Aac Ransomware work?

At this time, the distribution of Aac Ransomware is still a mystery. Of course, ransomware developers can exploit all kinds of vulnerabilities to spread their creations, and so it is hard to advise on what users should NOT do. Of course, it is safe to say that opening spam emails (especially the files and links attached to them), downloading unfamiliar software, interacting with strange advertisements, or enabling remote access is risky. If the infection is let in, it immediately encrypts files. The “.aac” extension is added to the names to ensure that the victim can identify the corrupted files fast. Needless to say, removing this extension from the files is not something that will help you recover them because they are compromised by translating the original data into a different form. To decrypt files, a special key or password is required, and, unfortunately, it is unlikely that you will get it. Our research team has examined hundreds of different ransomware infections, and the tendency is that their creators fail to provide victims with decryption tools or keys as promised even if the ransom is paid. Yes, Aac Ransomware was created to extort money from you, but it is unlikely that you will be given what you need in return of a ransom.

The demands that Aac Ransomware has are represented via a file called “Learn how to recover your files.txt”. You should find this file in every folder containing the encrypted “.aac” files. A message in this file informs that you must contact the creator of the ransomware via contatoaac@vpn.tg. A unique code is attached to the message, and you are asked to send it to this email so that cyber crooks could identify you and, supposedly, provide you with the right decryptor. Of course, before that, you are asked to pay a ransom, and that is not what we recommend for the reasons we already discussed. Even if you do not end up following the instructions of cyber criminals, contacting them is dangerous as well because they could record your email address for other scams and attacks, and they could send other malicious files.

How to delete Aac Ransomware

Whether or not you can remove Aac Ransomware manually depends on your ability to identify the malicious launcher file. In case you downloaded it yourself – by accident, of course – you should be able to delete this file yourself. After that, all you need to do is inspect your Windows operating system to check if other malicious components are active. Hopefully, other threats do not exist, but you need to be cautious about it. If detecting and eliminating the launcher is impossible for you – and you should not go deleting random files just in the hopes of eliminating the ransomware – you should utilize an automated anti-malware tool. That is a great option because after you have Aac Ransomware deleted automatically, the tool will start guarding your PC against similar threats. Also, if any other threats exist, they will be erased along with the ransomware. Do you want to discuss anything further? We can do that in the comments section.

Removal Instructions

  1. Find the malicious launcher and right-click it.
  2. Select Delete.
  3. Delete the ransom note file Learn how to recover your files.txt (remember that it can copies).
  4. Empty Recycle Bin and then perform a full system scan. 100% FREE spyware scan and
    tested removal of Aac Ransomware*


Leave a Comment

Enter the numbers in the box to the right *