Osiris Ransomware

What is Osiris Ransomware?

Anti-Spyware-101.com malware analysts warn about a new threat, Osiris Ransomware. This infection is a new variant of the Locky Ransomware, and it is most likely that it was created by the developer of this infamous threat. There are more similarities than there are differences, and we discuss all of them in this report. Needless to say, deleting Osiris Ransomware is the top priority; however, you should not rush into it without knowing as much about this threat as possible. Unfortunately, you will not recover your files by removing this threat – and it can encrypt your files using complex algorithms – but that does not mean that all hope is lost. Most victims of this malicious threat will end up losing their files, but some might be able to restore at least some of them. If you believe you know everything about this threat, you can move to the last section of this report to learn about the elimination process. If you have a few minutes to spare, read this report to understand this infection better.

How does Osiris Ransomware work?

Osiris Ransomware encrypts your personal files using a complicated algorithm, and then it encrypts the decryption key that could be used for the decryption process. This key is also sent to a remote server, which means that you cannot access it. This is no accident. Cyber criminals use this method to back you into a corner and force you to follow their demands, and we are sure that at least some users will follow the demands presented via the DesktopOSIRIS.bmp and OSIRIS-{random characters}.htm files that are created right after the encryption process is complete. Both of these files carry the same message, which pushes you to download the Tor Browser and visit one specific website. This website reveals additional instructions that demand a ransom payment in Bitcoins. The version we have tested in our internal lab demanded a ransom fee of 2 Bitcoins, which is a monstrous sum that, at the moment, converts to $1539. Do you have that kind of money? Even if you do, you have to think about this very carefully. Unfortunately, because the files cannot be recovered by removing the ransomware, many users choose to follow the instructions.

Before you even start thinking about the ransom payment, you need to check which files were corrupted. Because Osiris Ransomware does not lock your PC like other ransomware threats are capable of doing, it will be easier for you to check your files. Unfortunately, there is one big obstacle. The ransomware can rename your files to strings of random letters and numbers, which might make everything a little more complicated. All in all, if you see the “.osiris” extension attached to a long line of letters and numbers, you can be sure that this is your own personal file. Hopefully, you can figure out which files were encrypted based on their location. In the best-case scenario, the damage will not be tragic, or you will have your files backed up. If you are lucky, all that you really need to worry about is the removal of Osiris Ransomware. If you are not so lucky, you might go back to the ransom payment. Keep in mind that you would be taking a huge risk by paying the ransom because cyber criminals could easily take your money without offering you anything in return. If you do not want to take the risk, there is not much you can do. At the moment, legitimate file decryptors do not work on this ransomware, but you should look into this option anyway.

How to delete Osiris Ransomware

It is not that difficult to remove Osiris Ransomware. It is much more difficult to figure out whether you should pay the ransom or part ways with your personal files. Once you make the final decision – and you should do that soon – you need to erase the ransomware immediately. The biggest task here is identifying the malicious .exe file that is responsible for all the havoc. Because it is most likely that you have downloaded this file yourself, you should be able to find it quickly. If you cannot find or remove the malicious executable yourself, you should install an automated anti-malware tool. The right tool will clean existing threats from your operating system and will also ensure that other infections cannot slither in again afterwards.

Removal Instructions

  1. Delete the malicious .exe file (its location and name are random).
  2. Delete the OSIRIS-{random characters}.htm ransom file.
  3. Delete the DesktopOSIRIS.bmp file found under %USERPROFILE%\{user name} (launch Explorer by tapping Win+E keys, enter %USERPROFILE% into the bar, and open the {user name} folder to find the file).
  4. Perform a full system scan to check for malicious leftovers.
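
Because renamed files can only be told apart by their location, a read-only inventory of the “.osiris” files per folder, together with the ransom notes named in steps 2 and 3, shows the extent of the damage before anything is deleted. The Python script below is an added example, not part of the original report; its function names and the sample file names in demo() are constructed for illustration.

```python
import fnmatch
import os
import sys
import tempfile
from collections import Counter
from pathlib import Path

# Indicators named in the report: ".osiris" extension and the two ransom-note names.
ENCRYPTED_EXT = ".osiris"
NOTE_PATTERNS = ("osiris-*.htm", "desktoposiris.bmp")

def classify(name):
    """Return 'note', 'encrypted' or None for a single file name."""
    lower = name.lower()  # Windows file names are case-insensitive
    if any(fnmatch.fnmatchcase(lower, p) for p in NOTE_PATTERNS):
        return "note"
    if lower.endswith(ENCRYPTED_EXT):
        return "encrypted"
    return None

def inventory(root):
    """Walk root read-only; count encrypted files per folder and list ransom notes."""
    per_folder, notes = Counter(), []
    for dirpath, _dirs, files in os.walk(root):  # unreadable folders are skipped
        for name in files:
            kind = classify(name)
            if kind == "encrypted":
                per_folder[dirpath] += 1
            elif kind == "note":
                notes.append(os.path.join(dirpath, name))
    return per_folder, sorted(notes)

def demo():
    """Run the inventory over a constructed sample tree (file names are made up)."""
    with tempfile.TemporaryDirectory() as tmp:
        sample = ["Documents/k3f9a0b17c2d.osiris", "Documents/notes.txt", "DesktopOSIRIS.bmp",
                  "Pictures/0f9e8d7c6b5a.OSIRIS", "Pictures/OSIRIS-1a2b.htm"]
        for rel in sample:
            path = Path(tmp, rel)
            path.parent.mkdir(parents=True, exist_ok=True)
            path.touch()
        per_folder, notes = inventory(tmp)
        rel = lambda p: Path(p).relative_to(tmp).as_posix()
        return {rel(d): n for d, n in per_folder.items()}, [rel(n) for n in notes]

if __name__ == "__main__":
    folders, notes = inventory(sys.argv[1]) if len(sys.argv) > 1 else demo()
    print(dict(folders), notes, sep="\n")
```

Pass a folder such as the user profile directory as the first argument to inventory a real system; with no argument the script runs on the constructed sample tree.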
