.NULL File Extension

There is only one file type that uses the .NULL extension:

Null Ransomware Encrypted File

Null Ransomware Encrypted File

A file with a .null extension is a file that has been encrypted by the Null virus, which is a variant of Stop and Djvu ransomware that became prevalent in August 2017. It is encrypted with AES-256 algorithm so it is not possible to open the file by simply changing the .null file extension.

Null is a type of malware utilized by cybercriminals that takes a user's files hostage and forces him to pay the perpetrator to unlock the files. It is most often introduced to a victim's computer through spam emails with malicious file attachments that are downloaded and run by unsuspecting users. These email attachments may be JavaScript .JS files or .DOCX files with macros that appear to be normal attachments but they actually contain the Null virus.

When the ransomware runs on a user's computer, it encrypts files on the computer and adds the .null extension onto the names of the files. The targeted files are typically documents, images, videos, and backup files, such as .DOCX, .JPG, .MP4, and .DB files. For example, a spreadsheet.xlsx file becomes spreadsheet.xlsx.null.

The virus then generates a pop-up window with several tabs explaining the hostile takeover of the user's files. The tabs include information about what occurred to the computer, the encryption used on the files, the list of encrypted files, how the user can recover his files, and how the user can make the Bitcoin ransom payment.

NOTE: Currently, there are several options for removing the Null virus, such as Malwarebytes Premium software, but there is no program available to effectively restore infected files. If the user has a recent backup of his files, he can perform a system restore to remove the virus but any changes made to files after the backup was made will be lost.

Software's name License Platforms
System Restore System Restore Windows

Updated: May 30, 2019

Search File Extensions