Despite these demands, cyber criminals should never be trusted. Cyber criminals store this key on a remote server and victims are encouraged to pay hundreds of dollars to receive it. In any case, decryption without a unique key is impossible. It is currently unknown whether Merry Christmas uses symmetric or asymmetric cryptography. It is also stated that the ransom must be paid within the given time frame (the window contains a timer), otherwise all files are permanently deleted. The cost is not specified, however, developers of similar viruses usually demand $500 - 1500 Bitcoins. Ransom demanding message is presented in MERRY_I_LOVE_YOU_BRUCE.HTA or YOUR_FILES_ARE_DEAD.HTA files.Īs compared to other similar viruses, Merry Christmas's message is relatively short and merely states that files are encrypted and that the victim must contact developers (via telegram or email) and pay a specific ransom. Following successful encryption, Merry Christmas opens a pop-up window containing a ransom-demand message. D epending on its variant, Merry Christmas appends one of the following extensions to each file : '. Merry Christmas is a ransomware-type virus that stealthily infiltrates systems and encrypts various files. Merry Christmas ransomware removal instructions What is Merry Christmas?