Serpent Ransomware is a new step in the evolution of Hades Locker. It belongs to the same family of viruses that corrupt files on your computer and demand a payoff. Serpent does not waste time and quickly proceeds the encryption procedure. Upon completing you will see two files in the folders with corresponding corrupted files. Those files are simple messages in txt and html formats and contain information about the ransom demand.
Serpent Ransomware gives all infected files a new extension of «.serpent». The AES-256 and RSA-2048 algorithms are involved. This way your normal file, for example, «weekend.mp4» becomes «weekend.mp4.serpent» and cannot be read by the system. It is easy to miss that something is wrong and your security along with the data is compromised if you don’t have any anti-malware protection.
Malicious programs like Serpent Ransomware often suggest using Bitcoin wallets to pay for the decryption key that will bring your files back to normal deleting the abnormal extension. Hackers promise to fix your files for 0.75 Bitcoin implying that there is no other way to decrypt the data without a key. Furthermore, if the ransom is not paid within one week after infection the amount changes to 2.25 Bitcoin.
The mentioned RSA-2048 encryption algorithm is asymmetric. This means that encryption and decryption keys are created during the encryption procedure. Those keys are stored on remote servers, so it is not possible to reverse the hack without your personal key. Despite this fact, we suggest you never attempt to contact the developers of the ransomware or trying to pay for the key. There is a high risk that you will be ignored once money is transferred. No one is actually going to unblock your files and restore the data. Plus, you will become a sponsor for next attacks contributing to the development of newer viruses and malicious software like this one. Files damaged by Serpent’s actions can be restored from a backup, so it is advisable to have one.
First of all, it is important to understand where did it come from to prevent stepping on the same rake twice. According to our analysis and reports we receive, this locker infiltrates your computer via spam emails from the unknown sender. It comes in the form of suspicious attachment (it can be a text file, video, picture and so on). If you receive an email from the unknown source with a bizarre message and suspicious attachment, don’t rush to open it. Do not download and run executable files or applications from your inbox. There is a high chance of catching a virus, worm, Trojan, etc. by simply clicking infectious links.
There are two ways to get rid of the Serprent Ransomware. You can do it manually if you know where the original malicious file is hidden. But it might take time. Plus, if you don’t know where to look you can accidentally delete wrong files. To avoid this, we recommend using an anti-malware program such as Plumbytes Anti-Malware or SpyHunter. If your computer is infected with Serpent Ransomware, it will be eliminated along with other threats found. Having an additional protection against cyber-attacks is highly recommended because other threats might come your way after previous are eliminated.
Symptoms of Serpent Ransomware infection on your computer can be: computer crashes, unusual homepage or search engine on your browser, unwanted pop-up ads and advertising banners. We recommend to download our automatic removal tool. This removal tool has been tested for Serpent Ransomware threat removal and it is easy to use.
After performing all of the steps above you should have all of your web browsers clean of the SERPENT RANSOMWARE and other suspicious add-ons and extensions. However to complete the removal procedure we strongly advise to scan your computer with antivirus and anti-malware tools like SpyHunter, HitmanPro 32-bit, HitmanPro 64-bit or Malwarebytes Anti-Malware. Those programs might help to you find registry entries of malware and remove them safely.