Nulltica Ransomware

What is Nulltica Ransomware?

Nulltica Ransomware is one of the newest ransomware infections that we have come across recently on the web. This infection slithers into your computer behind your back and then it holds your computer hostage, demanding that you pay a ransom fee as soon as possible. Computer security experts recommend removing Nulltica Ransomware and then looking for ways to restore your encrypted files. It might sound discouraging because there is no public decryption tool available that would help you decrypt the files. Nevertheless, you should try out everything because there is a very good chance that you have copies of your files saved somewhere.

Where does Nulltica Ransomware come from?

It is very common that computer security experts cannot pinpoint one single ransomware infection source. Although it is possible to find out the main distribution methods that are used by Nulltica Ransomware, it is hard to say which email message or which website exactly is responsible for spreading the infection around.

According to the data collected by our research team, Nulltica Ransomware usually spreads via social networks, spam email, and unsafe remote desktop protocol configurations. This means that users sometimes install the infection on their computers themselves, and sometimes it could be installed manually through an unsafe remote desktop connection.

If the program comes through spam emails, it is possible to avoid it if you remain careful whenever you open your inbox. Some of the spam emails that carry the infection may look like official invoices or some financial reports. However, if you did not expect to receive such notifications, you should be very careful when you open such emails. Not to mention, if they come with attachments, you should not download and open them immediately.

Of course, sometimes it might seem that you have to open a particular file, and if you are not sure whether that file is safe or not, you can always scan it with a legitimate antispyware tool. This will definitely help you determine whether the file you have downloaded is dangerous or not.

What does Nulltica Ransomware do?

Now, when this ransomware enters the target system, there is no turning back because the encryption is initiated immediately. Our research team emphasizes that sometimes the infection may not work properly, so you might only see the ransom note, while your files would remain intact.

Nevertheless, the main threat behind Nulltica Ransomware is potential encryption. Once the program locks up your files, you will see which files have been affected immediately. That is because the ransomware program (just like other infections from the same category) adds an additional extension to your filenames. All the encrypted files will have the “.lock” extension added to them. Needless to say, the system will not be able to read the affected files.

When the encryption is complete, Nulltica Ransomware will display the ransom note:

Your files have been blocked

Your files is encrypted (AES 256). You need a individual key to unlock your files.

Instructions how to unlock:

  1. Create bitcoin wallet (coinbase, bitpay or any else)
  2. Pay 50 usd to this wallet (bank card, transfer)
  3. Send 50 usd (if you don’t know how many usd = btc - calculate with this website <…>

Warning: If you already paid and you have information “We don’t have your payment yet”, you must waiting.. (Usually max. 12h)

As you can see, Nulltica Ransomware is very blatant about what it wants, and it wants your money. Will it really decrypt your files if you transfer the money? Hardly. Seeing how one of the program’s servers is down, there is always a possibility that its command and control center could go down any minute, too. So paying the ransom is never an option in this case.

How do I remove Nulltica Ransomware?

You might have to go through quite a few directories to remove everything related to Nulltica Ransomware from your system. It could be quite a tedious task, so the best way to do it is to scan your PC with a licensed antispyware tool and then delete the malicious files automatically.

As for your data, if you have a backup on an external disk, you should transfer the healthy files back into your system only when Nulltica Ransomware is removed for good. Saving healthy files on a computer that still has the ransomware infection could result in further encryption.

Manual Nulltica Ransomware Removal

  1. Open your Downloads folder.
  2. Remove the most recently downloaded files.
  3. Press Win+R and type %AppData%. Click OK.
  4. Remove the most recent exe file from the directory.
  5. Press Win+R and type regedit. Click OK.
  6. Go to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run.
  7. On the right pane, right-click the randomly named string value that launches the infection and delete it.
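
Before deleting anything, the locations named in the steps above can be inventoried read-only. The PowerShell script below is an added example, not part of the original guide; it assumes the Downloads folder is in its default location under the user profile, and the 7-day window and the "command points into the user profile" flag are illustrative heuristics.

```powershell
# Added example: read-only triage for the manual removal steps. Nothing is deleted.
# Assumption: "recent" means the last $Days days; set it to cover the suspected infection date.
param([int]$Days = 7)

$cutoff    = (Get-Date).AddDays(-$Days)
$downloads = Join-Path $env:USERPROFILE 'Downloads'
$runKey    = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'

# Steps 1-4: recent files in Downloads and recent .exe files directly in %AppData%.
$recent = @()
if (Test-Path $downloads) {
    $recent += Get-ChildItem -Path $downloads -File -ErrorAction SilentlyContinue
}
$recent += Get-ChildItem -Path $env:APPDATA -Filter '*.exe' -File -ErrorAction SilentlyContinue
$recent = $recent | Where-Object { $_.LastWriteTime -ge $cutoff } |
    Sort-Object LastWriteTime -Descending

# Steps 5-7: list every value under the per-user Run key and mark the ones whose
# command line points into the user profile (heuristic; legitimate apps do this too).
$runValues = @()
$key = Get-Item -Path $runKey -ErrorAction SilentlyContinue
if ($key) {
    foreach ($name in $key.GetValueNames()) {
        $command = [string]$key.GetValue($name)
        $runValues += [pscustomobject]@{
            Name          = $name
            Command       = $command
            InUserProfile = $command.IndexOf($env:USERPROFILE, [StringComparison]::OrdinalIgnoreCase) -ge 0
        }
    }
}

# Scope check: files carrying the ".lock" extension the article describes.
# Other software also creates *.lock files, so treat the count as an upper bound.
$locked = @(Get-ChildItem -Path $env:USERPROFILE -Recurse -File -Filter '*.lock' -ErrorAction SilentlyContinue)

'Recent files (Downloads, %AppData%\*.exe):'
$recent | Select-Object LastWriteTime, Length, FullName | Format-Table -AutoSize
'HKCU Run values:'
$runValues | Format-Table -AutoSize -Wrap
"Files ending in .lock under the user profile: $($locked.Count)"
```

Compare the Run values marked `InUserProfile` against the recent executables listed first; an entry that appears in both lists is the candidate for steps 4 and 7.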
