Discovered by Siri, the Pulpit ransomware infection belongs to a well-known Thanos ransomware family. Generally, ransomware virus like Pulpit are designed to lock files, rename them and create/generate a ransom note. Pulpit ransomware virus renames the encrypted files by appending the “.pulpit” extension. For instance, it renames a file named “mydog.jpg” to “mydog.jpg.pulpit”.
In addition, it changes victim’s background wallpaper, creates the picture file (which is employed as a desktop wallpaper) in folders that contain encrypted documents and exhibits a pop-up window. Its desktop background and pop-up window will be a special text file (ransom notes) named “HOW_TO_DECYPHER_FILES.txt”.
Typically, when users contact ransomware programmers, they receive details like price of a decryption software or key, method of payment, time limit, and so on. Although, it’s common that cyber criminals do not send any decryption tools after a payment. In other words, users who lays their trust in cyber crooks tend to get scammed.
Therefore, ransomware developers (including those behind Pulpit ransomware virus) shouldn’t ever be trusted or paid. The problem is that in most cases they are the only ones having the ideal decryption tools. Regrettably, there aren’t any third party tools that may decrypt files that are encrypted by the latest Pulpit ransomware infection.
In these cases users have only one free data recover alternative – to restore encrypted files from a backup. Additionally, it’s possible to prevent installed Pulpit ransomware from causing additional encryptions by uninstalling them from laptop or desktop system. But, encrypted files remain inaccessible even if they’re uninstalled.
How Does Pulpit ransomware Infect the Targeted Computer?
One of the major tactics employed by cybercriminals to trick users into infecting computers with the above mentioned ransomware virus (or other malware infection) is through spam emails which have some malicious attachment or rogue website link. Malware infection gets installed on the targeted device when recipients download and execute a malicious document.
How to Protect Yourself from Pulpit Ransomware?
Malicious attachments and rogue website link in unsolicited emails that are received from questionable, anonymous addresses shouldn’t be opened. It’s quite common that these spam mails are utilized by hackers and opportunists to distribute malware. Important documents and applications should be downloaded only from official and trustworthy sites. Another way to maintain a computer safe and neutralize malware infections is to regularly scan it using an up-to-date and trusted anti-virus or anti-malware application.