New ransomware? FILNAME.pdf.id-86BCB83D.{payfornature@india.com}.crypt

Hi Expert, 
 
Our of my client server, all files are showed in this format. I don't know is it a ransomware, I am sure these files are encrypted. But I can't find any payment method on all folders. Such as !Recovery.txt, HTML, JPG, etc.
 
File format: FILNAME.pdf.id-86BCB83D.{payfornature@india.com}
 
Many thanks.

It is believed these "@" infections are part of a ransomware kit that different affiliates utilize with their own payment email addresses and explains why so many variants have been reported.

Kaspersky Lab has a utility called RakhniDecryptor that is able to brute force the decryption key for some of these <filename>.<extension>.id-random number_"@"variants but not all of them. As a precaution, you should always backup your encrypted files before running any tools.
Information and instructions for using RakhniDecryptor can be found here.

Kaspersky Lab also has a RannohDecryptor tool for decrypting some other types of <filename>"@".<random characters> "@" variants with extensions appended to the end.

There are going discussions in these related topics where you can ask questions and seek further assistance. Other victims have been directed there to share information, experiences and suggestions.

• <extension>.id-<number><emailaddress> Ransomware Support and Help Topic
• id-<number>.{masterlock@india.com}.crypt Support & Help Topic

Rather than have everyone with individual topics, it would be best (and more manageable for staff) if you posted any more questions, comments or requests for assistance in the above support topic discussion...it includes experiences by experts, a variety of IT consultants, end users and company reps who have been affected by ransomware infections. Doing that will also ensure you receive proper assistance from our crypto malware experts since they may not see this thread. To avoid unnecessary confusion, this topic is closed.

Thanks
The BC Staff