The Osiris ransomware is a new, updated version of the Locky ransomware, which is even more dangerous than its predecessor.
It arrives on your computer together with spam messages that contain malicious attachments. Cybercriminals send out fake job offers and parcel delivery notifications to lure computer users click on attachments. It is therefore strongly recommended that you never open attachments to spam e-mails or other messages that are suspicious.
Clicking on the attachment drops a downloader that in its turn connects to servers controlled by the hackers and downloads Osiris ransomware. Once this virus is on you PC, it starts to scan all folders and encrypts files with AES and RSA crypto. When this phase is finished, the ransomware displays a ransom note that instructs users who to pay money to have your files back.
The most visible change to the parasite is that files are now encrypted with the .Osiris extension. This is the fifth version of the virus, and unfortunately, it cannot be decrypted by the Locky Decryptor, which worked very well for earlier versions of this Ransomware.
The Osiris ransomware displays a message stating that you must pay 0.5 bitcoins (around $ 400) to get your files back. Typically, users will notice three new files in the .txt, .html, and .vbs formats that are placed on the desktop, they are called: DesktopOSIRIS.bmp. These are instructions for decrypting the kidnapped files. The background of the Osiris Ransomware has also been changed. The message on the screen reads: !!! IMPORTANT INFORMATION !!!
Currently, there are no programs that can be used to restore files encrypted by Osiris ransomware. The rogue program now uses a new packer to make it harder to analyze the virus.
To protect your system from Osiris ransomware and other fraudulent programs, you should protect your computer as much as possible. Use reliable antivirus software, make backups of your files.