AutoTRON is relatively a new ransomware strain on the block. It is locking down the files on the affected device through Advanced Encryption Standard (AES) module. It is able to encrypt nearly all type of file formats and appends them with the extension ‘TRON’.
AutoTRON ransomware is also deemed lethal because its script is coded to make unauthorized system changes besides a regular encryption activity. For instance, it can automatically run different malicious commands through Command Prompt to delete shadow volume copies, alter registry changes and to disrupt boot sequence.
Both encryption and system changes set off as soon the payload of AutoTRON is executed on the affected device. After the completion of encryption activity, a note freezes on the screen that cites the ransom amount and the operators’ contact details.
Like most of the ransomware operators, AutoTRON developers are also asking for ransom in Bitcoin. One should keep in mind that decryption key for this ransomware strain hasn’t developed by cyber security experts so far. So, you have two options to go with:
- Pay the operators extortion money to remove the ransomware
- Remove the ransomware and recover the affected files by professional help
Cyber security gurus advise against the first option. They think that it encourages ransomware operators to launch more attacks. Additionally, there is no guarantee that the perpetrators would provide you with the key to remove ransomware even after receiving the ransom payment.
Regarding the second option, few things should be kept in mind. Never commence the file recovery process before removing ransomware infection from the infected device. During data recovery process, the ransomware strain tries to encrypt the files again and that can lead to a permanent loss of data.
Also remember that manual removal of AutoTRON ransomware is not possible. Therefore, specialized anti-ransomware tools and services are required to disinfect the affected device. Even after the removal of AutoTRON, no one can ensure 100 percent data recovery. So, if you don’t have any data backup and become a victim of AutoTRON infiltration, be ready for some permanent loss of data.