Mole03 Ransomware

What is Mole03 Ransomware?

Mole03 Ransomware is part of a series of similar ransomware infections that render users powerless against a strong encryption algorithm. These ransomware programs virtually hold users’ computers and data hostage, demanding that users paid a ransom fee for it. Unfortunately, quite a few users succumb to these demands, and they end up spending a lot of money to retrieve their files. However, paying the ransom may not guarantee that you will get your files back. Therefore, you should not even consider doing that. Remove Mole03 Ransomware from your system right now, and then look for ways to protect your computer from similar intruders in the future.testtest

Where does Mole03 Ransomware come from?

As mentioned, this program comes from a group of similar ransomware infections that seem to be released in series. Thus, we can say that Mole03 Ransomware is a new version of the previously released Mole02 Ransomware. Unlike most of the ransomware programs that are distributed via spam email attachments; this infection spreads via the Rig Exploit Kit.

According to various security reports, Rig Exploit Kit is the most popular exploit kit used nowadays. Like most of the other notorious exploit kits, Rig redirects potential victims to the exploit through gates. But this exploit kit is a lot better than others at obfuscating the attack. It means that the exploit kit confuses the potential victims to the point they cannot tell that they are about to get infected. To achieve this, the exploit kit makes use of DoSWF, JavaScript, VBScript, Flash, and other techniques.

Most of the time, the infection makes use of compromised websites. There are a lot of websites out there that get hacked, and then the advertisements that those websites display are embedded with malicious codes. If users click those ads, they get redirected to the gates that eventually redirect the user to the exploit kit page. And that is how Mole03 Ransomware has entered your system, too. The website that is known to have been compromised by the exploit kit has one-hour.fr.

What does Mole03 Ransomware do?

When this program enters your computer, it looks for the files it can encrypt. During our research we have found that Mole03 Ransomware can encrypt files with the following extensions: TXT, LOG, DLL, DAT, JFM, CONFIG, TMP, HTML, PNG, EVTX, LNK, INI, GZ, JTX, DB, ZIP, EXE, MD, H, C, XML, JS, JPG, ICO, URL, SQM, and others. As you can see, it can affect quite a big range of important personal files. Although the developers point out that Mole03 Ransomware skips directories that have Windows or Program Files in their titles.

That is quite understandable because the infection still needs your system to work properly, if it intends to collect the ransom fee. The program also establishes a connection with its command and control center via TOR network at supportxxgbefd7c.onion and supportjy2xvvdmx.onion. The Tor network is often used by ransomware and other infections to maintain connection between the infected computer and the main infection server because of the anonymity it offers.

The ransom note that Mole03 Ransomware displays says that “all your files are encrypted with RSA_2048 and AES_128 ciphers.” It means that the locked up files can only be decrypted with the unique decryption key that only the criminals have. The program does not even tell how much you have to pay for the decryption. You just have to download and install the Tor browser to access the given addresses for further instructions. It is clearly highly annoying and frustrating, but you will do yourself a favor if you ignore these demands and simply remove Mole03 Ransomware from your system.

How do I remove Mole03 Ransomware?

During our tests, we have found that after the encryption is complete, the malware deletes its files and removes the registry keys associated with it. Therefore, there is not much to remove when you get down to it. However, it would be a good idea to scan your computer with a security application because there might be some leftover files remaining.

You can also restore your files if you have a system backup on an external hard disk. Or perhaps you tend to store your files on a cloud drive. Whichever way that is, the chances are that you have some of your files saved someplace else, and you will be able to restore them once you delete the infected ones.

Manual Mole03 Ransomware Removal

  1. Press Win+R and type %TEMP%. Click OK.
  2. Delete the most recent files.
  3. Go to your Downloads folders.
  4. Delete the most recent files.
  5. Scan your computer with SpyHunter. 100% FREE spyware scan and
    tested removal of Mole03 Ransomware*

Stop these Mole03 Ransomware Processes:

BC0EBCF2F2.exe
Disclaimer
Disclaimer

Leave a Comment

Enter the numbers in the box to the right *