What is 62IX ransomware?
62IX is a harmful ransomware program that encrypts all files on the computer infected with it. This means that the files can no longer be opened, edited, or even previewed. But this is a reversible procedure; which is where the hackers’ profit motivation comes in. The program doesn’t just encrypt all these files, it also offers a way to decrypt them by leaving a ransom note. The note, called “КАК РАСШИФРОВАТЬ FILES.txt”, merely points the victim at the hacker’s Telegram account (the full text of the note is available on the image above). Also of interest is the note’s name: “КАК РАСШИФРОВАТЬ” means “HOW TO DECRYPT” in Russian. Perhaps it is a clue to the program’s origin.
Either way, we also know that the virus renames the files it encrypts, adding .62IX file extension to them. This means that “photo.png” would be renamed to “photo.png.62IX”, for example. This is pretty typical; this gives the victim a clear hint that something is wrong, as all file icons change to blank ones as a result.
Paying hackers, especially ones with potentially Russian origins, is a bad idea. And contacting them over Telegram could be dangerous for your account there. Thankfully, there is a way to remove 62IX ransomware and decrypt .62IX files without paying the hacker. Read the guide below for details.