RESTORE_INFO-xxxx , 10 letter extra extension, 0x86, Plugins and new Ransomware


A new variant of ransomware has been reported by some of our clients.

All data files (php, htm, txt, zip) are encrypted and have been renamed by adding a 10-letter file extension that looks random – like this:

snips.txt.wxdrJbgSDa

Web.config.nUZPveYgIp

The ransom note left in every folder reads like this:

————————————————————————-

Files on your computer are encrypted.
Algorithm: ecc-secp192r1 & aes-ecb-256
To decrypt your files, please contact us using one of these e-mail addresses:
[email protected]
[email protected]
[email protected]
Please include the following text in your message:
zMp9IPExgXlvg27MFOlQrOIssoqd/gUr5SiB5zhpbDt8TmZhBwkxrfJE6pI4eBWbQF27lVL9XlCbfSqA
…. and 5 more lines of random text/key like that

On closer malware analysis

The criminals demand $2100 for the decoder.
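The two indicators described above (the extra 10-letter extension and a RESTORE_INFO- note in every folder) can be used to map which directories were hit. The following triage script is an added example, not code from the original post; the function names are hypothetical, and it assumes the note's file name begins with the RESTORE_INFO- prefix given in the title.

```python
import os
import re
import sys
from collections import defaultdict

# Rename pattern described in the article: original name and extension,
# followed by one extra extension of exactly 10 letters.
RENAMED = re.compile(r"^.+\.[A-Za-z0-9]{1,8}\.([A-Za-z]{10})$")
NOTE_PREFIX = "RESTORE_INFO-"  # assumed note name prefix, from the article title


def classify(filename):
    """Return ("note", None), ("renamed", ext) or (None, None) for a file name."""
    if filename.startswith(NOTE_PREFIX):
        return "note", None
    m = RENAMED.match(filename)
    return ("renamed", m.group(1)) if m else (None, None)


def scan(root):
    """Walk root; map each directory with hits to its notes and renamed files."""
    hits = defaultdict(lambda: {"notes": [], "renamed": []})
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            kind, _ext = classify(name)
            if kind == "note":
                hits[dirpath]["notes"].append(name)
            elif kind == "renamed":
                hits[dirpath]["renamed"].append(name)
    return dict(hits)


def affected_dirs(hits):
    """Directories with both a note and renamed files.

    The rename pattern alone also matches ordinary names ending in a
    10-letter word (e.g. "notes.old.statistics"), so the note is required.
    """
    return sorted(d for d, h in hits.items() if h["notes"] and h["renamed"])


if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    found = scan(root)
    for d in affected_dirs(found):
        print(f"{d}: {len(found[d]['renamed'])} renamed file(s), note {found[d]['notes'][0]}")
```

Run it read-only against a mounted copy or backup of the web root, so the listing can be compared with the last known-good file inventory.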

If you have been infected with such ransomware, contact our technical team for further help.
