The B-panther virus falls within the Xorist ransomware family. A harmful program of this type encrypts all the data on your PC (photos, documents, excel sheets, audio files, videos, etc) and appends its extra extension to every file, leaving the HOW TO DECRYPT FILES.txt files in each directory containing encrypted files.
What is known about the B-panther virus?
☝️ B-panther is a Xorist family ransomware-type virus.
B-panther will append its specific .B-Panther extension to every file’s name. For instance, an image entitled “photo.jpg” will be altered to “photo.jpg.B-Panther”. Just like the Excel file named “table.xlsx” will be renamed to “table.xlsx.B-Panther”, and so forth.
In every folder that contains the encrypted files, a HOW TO DECRYPT FILES.txt text file will appear. It is a ransom money memo. It contains information on the ways of contacting the racketeers and some other information. The ransom note usually contains instructions on how to buy the decryption tool from the tamperers. That is it.
B-panther Summary:
| Name | B-panther Virus |
| Ransomware family1 | Xorist ransomware |
| Extension | .B-Panther |
| Ransomware note | HOW TO DECRYPT FILES.txt |
| Detection | Virus:Win32/Smee.A, Win32/TrojanDownloader.AutoHK.GR, Trojan:Win32/Glupteba.MU!MTB |
| Symptoms | Your files (photos, videos, documents) have a .B-Panther extension and you can’t open them. |
| Fix Tool | See If Your System Has Been Affected by B-panther virus |
In the image below, you can see what a directory with files encrypted by the B-panther looks like. Each filename has the “.B-Panther” extension added to it.
An example of encrypted .B-Panther files.
How did B-panther ransomware end up on my PC?
There are plenty of possible ways of ransomware injection.
Nowadays, there are three most exploited ways for tamperers to have ransomware acting in your system. These are email spam, Trojan infiltration and peer file transfer.
- Another thing the hackers might try is a Trojan file model. A Trojan is a program that infiltrates into your machine pretending to be something else. For example, you download an installer for some program you need or an update for some service. But what is unpacked turns out to be a harmful program that corrupts your data. Since the update package can have any name and any icon, you have to make sure that you can trust the source of the stuff you’re downloading. The optimal way is to use the software companies’ official websites.
- As for the peer-to-peer networks like BitTorrent or eMule, the danger is that they are even more trust-based than the rest of the Web. You can never guess what you download until you get it. So you’d better be using trustworthy websites. Also, it is a good idea to scan the folder containing the downloaded files with the anti-malware utility as soon as the downloading is done.
How do I get rid of ransomware?
It is crucial to note that besides encrypting your files, the B-panther virus will most likely deploy Vidar Stealer on your machine to seize your credentials to different accounts (including cryptocurrency wallets). That spyware can extract your credentials from your browser’s auto-filling data.
How to avoid ransomware infiltration?
B-panther ransomware has no endless power, so as any similar malware.
You can protect yourself from ransomware injection taking three easy steps:
- Never open any emails from unknown mailers with strange addresses, or with content that has nothing to do with something you are expecting (how can you win in a money prize draw without participating in it?). In case the email subject is more or less something you are expecting, check all elements of the suspicious email carefully. A hoax email will surely have mistakes.
- Never use cracked or unknown programs. Trojan viruses are often spreaded as an element of cracked products, possibly under the guise of “patch” preventing the license check. Understandably, untrusted programs are very hard to distinguish from reliable ones, because trojans may also have the functionality you seek. Try to find information about this software product on the anti-malware message boards, but the best way is not to use such programs at all.
Frequently Asked Questions
🤔 How can I open “.B-Panther” files?Can I somehow access “.B-Panther” files?
Unfortunately, no. You need to decipher the “.B-Panther” files first. Then you will be able to open them.
🤔 The encrypted files are very important to me. How can I decrypt them quickly?
It’s good if you have fаr-sightedly saved copies of these important files elsewhere. In case you haven’t, there is still a chance that you do have a Restore Point from some time ago to roll back the whole system to the moment when it had no virus yet, but already had your files. The rest of the methods require patience.
🤔 What to do if the B-panther ransomware has blocked my PC and I can’t get the activation key.
🤔 What could help the situation right now?
Some of the encrypted data can be located elsewhere.
- If you exchanged your critical files via email, you could still download them from your online mailbox.
- You might have shared images or videos with your friends or relatives. Just ask them to send those images back to you.
- If you have initially got any of your files from the Internet, you can try doing it again.
- Your messengers, social networks pages, and cloud drives might have all those files too.
- It might be that you still have the needed files on your old PC, a laptop, mobile, external storage, etc.
USEFUL TIP: You can use file recovery utilities2 to retrieve your lost information since ransomware arrests the copies of your files, deleting the authentic ones. In the tutorial below, you can see how to recover your files with PhotoRec, but be advised: you won’t be able to do it before you eradicate the virus with an antivirus program.
Leave a Comment