Threat BlackBit

What is BlackBit Ransomware?

BlackBit ransomware is a malicious program version derived from the notorious Loki Locker ransomware. At the beginning detectable in September 2022, BlackBit has rapidly gotten notoriety for its enciphering ploys and the inquiries it websites on its victims.

Key qualities:

• Origin: version of Loki Locker ransomware.
• Discovery Date: September 2022.
• Enciphering Marker: Appends the “.BlackBit” plugin to filenames, alongside the victim’s ID and the email address.
• Penalty notification: sends a notification titled “Restore-My-Files.txt”, displaying guidelines for contact and payment.

Text in this penalty mention and the “Restore-My-Files.txt” document:

BLACK BIT
 
All your files have been encrypted by BlackBit!
29d,23:45:51 LEFT TO LOSE ALL OF YOUR FILES
All your files have been encrypted due to a security problem with your PC.
If you want to restore them, please send an email

You have to pay for decryption in Bitcoin. The cost counts on how quickly you contact us.
After payment we shall transfer you the decryption utility.
It is a must to 48 hours(2 Days) To contact or paying us afterwards, it is a must to Pay Double.
In case of no answer in 24 hours (1 Day) write to this email
Your unique ID is : –
You only have LIMITED time to get back your files!
•If timer operates out and you dont pay us , all of files will be removed and you difficult disk shall be severely impaired.
•You shall lose some of your personal information on day 2 in the timer.
•You can buy etc. time for pay. Just email us.
•THIS isn’t A joking matter! you can wait for the timer to run out ,and watch deletion of your files

Download Removal Toolto remove BlackBit

Learn how to remove BlackBit from your computer

• Step 1. Delete BlackBit via anti-malware
• Step 2. Delete BlackBit using System Restore
• Step 3. Recover your data

Step 1. Delete BlackBit via anti-malware

• a) Windows 7/Vista/XP
• b) Windows 8/10

a) Windows 7/Vista/XP

1. Start → Shut down → Restart.
2. When the PC starts loading, keep pressing F8 until Advanced Boot Options appear.
3. Select Safe Mode with Networking.
4. When your computer loads, download anti-malware using your browser.
5. Use anti-malware to get rid of the ransomware.

b) Windows 8/10

1. Open the Start menu, press the Power logo.
2. Hold the key Shift and press Restart.
3. Then Troubleshoot → Advanced options → Start Settings.
4. Go down to Enable Safe Mode (or Safe Mode with networking).
5. Press Restart.
6. When your computer loads, download anti-malware using your browser.
7. Use anti-malware to get rid of the ransomware.

Step 2. Delete BlackBit using System Restore

• a) Windows 7/Vista/XP
• b) Windows 8/10

a) Windows 7/Vista/XP

1. Start → Shut down → Restart.
2. When the PC starts loading, keep pressing F8 until Advanced Boot Options appear.
3. Select Safe Mode with Command Prompt.
4. In the window that appears, type in cd restore and press Enter.
5. Type in rstrui.exe and press Enter.
6. In the Window that appears, select a restore point and press Next. Make sure that restore point is prior to the infection.
7. In the confirmation window that appears, press Yes.

b) Windows 8/10

1. Open the Start menu, press the Power logo.
2. Hold the key Shift and press Restart.
3. Then Troubleshoot → Advanced options → Command Prompt.
4. Click Restart.
5. In the window that appears, type in cd restore and press Enter.
6. Type in rstrui.exe and press Enter.
7. In the window that appears, press Next, choose a restore point (prior to infection) and press Next.
8. In the confirmation window that appears, press Yes.

Step 3. Recover your data

• a) Method 1. Using Data Recovery Pro to recover files
• b) Method 2. Using Windows Previous Versions to recover files
• c) Method 3. Using Shadow Explorer to recover files

a) Method 1. Using Data Recovery Pro to recover files

1. Obtain Data Recovery Pro from the official website.
2. Install and open it.
3. Use the program to scan for encrypted files.
4. It files are recoverable, the program will allow you to do it.

Download Removal Toolto remove BlackBit data-ad-slot="4025011203">

b) Method 2. Using Windows Previous Versions to recover files

For this method to work, System Restore must have been enabled prior to infections.

1. Right-click on the file you want to recover.
2. Select Properties.
3. Go to the Previous Versions tab, select the version of the file you want, and click Restore.

c) Method 3. Using Shadow Explorer to recover files

Your operating system automatically creates shadow copies of your files so that you can recover files if your system crashed. It is possible to recover files this way after a ransomware attack, but some threats manage to delete the shadow copies. If you are lucky, you should be able to recover files via Shadow Explorer.

1. You need to download the Shadow Explorer program, which can be obtained from the official site, shadowexplorer.com.
2. Install and open it.
3. Select the disk where the files are located, choose the date, and when the folders with files appear, press Export.