Also, removing the ransomware from the infected device is required to prevent further data loss. Paying the ransom does not ensure that victims will receive the decryption tools, so it is recommended not to pay the attackers. Decrypting files without the participation of the attackers is usually impossible unless a third-party decryption tool is available online. Victims without a data backup are compelled to pay the attackers for the decryption tools. The note provides two email for victims to contact the attackers. The attackers offer a reduced rate of $490 for those who email them within 72 hours, otherwise the full price of $980 must be paid. The ransom note states that payment for a decryption program and a unique key are required to restore access to the encrypted files. Screenshot of files encrypted by Vvoo ransomware: It is worth noting that Vvoo may also be distributed with information stealers like RedLine or Vidar. Our team came across Vvoo while reviewing samples submitted to VirusTotal.Īn example of how vvoo renames files: " 1.jpg" to " 1.jpg.vvoo", " 2.png" to " 2.png.vvoo", etc. vvoo" extension to the filenames of the encrypted files, and creates a ransom note (the " _readme.txt" file). In our analysis of Vvoo, we found that it is a ransomware variant from the Djvu family.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |