Simple_Encoder, or Tilde, targets Windows OS and, currently, the method of distribution is unknown. It encrypts specific files using AES encryption and then appends a tilde, or ~, to the encrypted file names. Simple_Encoder/Tilde drops a ransom note named a_RECOVER_INSTRUCTIONS.ini into each folder containing encrypted files. Simple_Encoder/Tilde demands a ransom payment demand of 0.8 Bitcoin.

  • Bleeping Computer provides more information about Simple_Encoder/Tilde here.
  • The NJCCIC is not currently aware of any decryption tools available for Simple_Encoder/Tilde.

One example of the Simple_Encoder variant. Image Source: Bleeping Computer