|Symptoms:||The ransomware encrypts your file and put up a ransom note inside a text field named as Important_Read_Me.txt.|
|Distribution:||Spam email attachments, P2P networks, via exploit kits, etc.|
|Removal:||Try to remove it with the help of automatic removal tool.|
InfinityShadow Ransomware is dangerous file-encoder threat that comes under the category of ransomware. It is mainly created by cyber criminals with main purpose to extort money from innocent users. It was first detected on the 2nd week of August 2017. Once it enters into the PC, it will scan your whole system and encrypts your various data or file and demand ransom for its decryption key. It encrypts your files with the combination of AES and RSA a cryptographic algorithm and appends the file name as .jezRoz extensions. It may run as an executable file named as ‘The_Last.exe’ on compromised computers so that it can also be refer to ‘The_Last Ransomware’. After encryption, it will create a ransom note named as Important_Read_Me.txt and put it in each folder containing encrypted files.
According to the ransom note, it contains a short message about encrypted files and payment method to buy decryption key. Cyber criminals behind this ransomware demand 260 USD in the form of Bitcoins in exchange for decryption key. Through this note, they encourage users to buy decryption key from designated wallet address. They can also warn users that if you not make payment in 7 days and want to remove this virus then you will lose your file permanently. The decryption key is stored in the server of cyber criminals. After infiltration, InfinityShadow Ransomware can create new registry entries in Window Registry to achieve high level persistence that can allow other malware threats into the system. It can also block Window Firewall and other security tools to be undetected.
InfinityShadow Ransomware is mainly distributed through spam email attachments, peer-to-peer sharing of network, via exploit kits, freeware and shareware downloads, visiting suspicious sites and many more. Therefore, it is strongly recommended that never make any type of payment to the cyber crooks. It is not sure that you will successfully receive decryption key after make payment. Once you make payment, you will automatically connect to the cyber criminals. Through this virus, cyber criminals monitor your online activities and steal your privacy for misuse. So, it is hardly advised you to remove InfinityShadow Ransomware from the PC immediately.