Cyber Security Center

Bnrs ransomware removal


Bnrs ransomware is a generic ransomware infection from the Djvu/STOP ransomware family. Once on a computer, it encrypts personal files, adds .bnrs to them, and demands a payment in exchange for a decryptor. Because file recovery isn’t always possible, Bnrs ransomware is considered to be a very dangerous infection. The malware operators release new versions on a regular basis, and Bnrs ransomware is one of the more recent releases. It can be identified by the .bnrs extension added to encrypted files.

Bnrs ransomware note

 

As soon as Bnrs ransomware is initiated, it will start encrypting all of your personal files. That includes photos, videos, images, documents, etc. Because encrypted files will have .bnrs added to them, you will immediately know which files have been affected. As an example, an encrypted image.jpg would become image.jpg.bnrs. You will not be able to open these files unless you first use a decryptor on them. The _readme.txt ransom note explains the process of acquiring the decryptor. According to the note, the decryptor costs $980, though there’s supposedly a 50% discount to victims who contact the malware operators within the first 72 hours. Whether that’s actually the case is not certain but paying the ransom, in general, is not recommended. Keep in mind that you will not necessarily receive a decryptor because there’s nothing stopping the cybercriminals from just taking your money and not sending anything in return.

We strongly recommend that you use anti-malware software to remove Bnrs ransomware. It’s a highly complex malware infection and requires a professional program to get rid of. You can connect to your backup and start recovering files as soon as the ransomware has been fully removed.

For users who do not have copies saved in a backup, file recovery will be much more difficult, if not impossible. The only option is to wait for a free Bnrs ransomware decryptor to be released, though whether it can be successfully developed is another matter. Ransomware from this family uses online keys to encrypt files, which makes developing decryptors very difficult for malware researchers. Nonetheless, for users who do not have any other options, waiting for a free Bnrs ransomware decryptor may be the only choice.

Ransomware distribution methods

If you take the time to develop better online habits as well as become familiar with how malware is distributed, you will be able to avoid a lot of malware infections. The most common malware distribution methods are:

  • Email attachments

Users whose email addresses have been leaked before can sometimes receive emails that have malicious attachments. When the attachment is opened, the malware can initiate. This is why it’s very important that you are very careful with unsolicited emails that have attachments. Fortunately, malicious emails are fairly obvious in most cases. Senders usually pretend to be from known companies whose services users use but the emails themselves are full of grammar/spelling mistakes. No legitimate email sent by a company that values its reputation will have obvious mistakes in it. But for whatever reason, malicious emails are often full of mistakes. Malicious emails also address users using generic words like User, Member, Customer, etc. Legitimate emails whose attachments you should open will always address you by name. It’s worth mentioning that some malicious email campaigns are more sophisticated, which is why it’s a good idea to scan email attachments with anti-virus software or VirusTotal before opening them.

  • Torrents

It’s no secret that malware is often found in torrents. Torrent sites are usually quite poorly regulated, and this allows malicious actors to upload torrents with malware content in them. You can find malware in torrents for movies, video games, software, and TV shows. We strongly advise against torrenting copyrighted content because it’s not only dangerous but also because it’s essentially stealing.

  • Vulnerabilities

The importance of installing updates cannot be stressed enough. Updates patch knows vulnerabilities, preventing malware from exploiting them to get in. Vulnerabilities are discovered all the time, so it’s essential that you install updates as they come out. You should also enable automatic updates whenever possible.

Bnrs ransomware removal

It’s important that you use anti-malware software to remove Bnrs ransomware from your computer. Ransomware is a very complicated malware infection so it’s not a good idea to try to delete Bnrs ransomware manually. You could end up causing additional damage to your computer. Furthermore, you might miss some parts of the ransomware, which could later allow it to recover. And if you were connected to your backup when that happens, your backed-up files would become encrypted as well. Thus, it’s much safer to use anti-malware software. Once the ransomware has been removed, you can safely connect to your backup to start recovering files.

If you do not have a backup, your only option is to wait for a free Bnrs ransomware decryptor to be released. You won’t find one at the moment but it could be released in the future. Back up your encrypted files and occasionally check NoMoreRansom for a free Bnrs ransomware decryptor.

Bnrs ransomware is detected as:

  • Win32:Malware-gen by Avast/AVG
  • HEUR:Trojan-Ransom.Win32.Stop.gen by Kaspersky
  • Trojan.MalPack.GS by Malwarebytes
  • Trojan.GenericKD.49114522 (B) by Emsisoft
  • A Variant Of Win32/Kryptik.HPTV by ESET
  • Artemis!1F139CBBFCEE by McAfee
  • Ransom:Win32/StopCrypt.PAF!MTB by Microsoft

Bnrs ransomware detections