Jeffrey Jones

New BigBobRoss Infection

Recommended Posts

On 3/26 my one server became infected by BigBobRoss according to ID Ransomware.  I tried to use the latest Emsisoft Decrypter for BigBobRoss, v1.0.0.4 but it does not recognize the Ransome Note.  The Decrypter indicates "File not supported".

Virtually every file on every file is now encrypted with the file names appearing in the following format...

Original File Name: 100_0002.JPG

Encrypted File Name: [id=18C3132C]100_0002.JPG.djvu

Could this be a new variant?

Below is the text from the ransom note...

---------------------------------------------- ALL YOUR FILES ARE ENCRYPTED ----------------------------------------------- 
Your personal ID:18C3132C
Don't worry, you can return all your files!
All your files documents, photos, databases and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees do we give to you?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file less than 1Mb for free. File must not contain valuable information
Don't try to use third-party decrypt tools because it will destroy your files.
You have to pay for decryption in Bitcoins. The price depends on how fast you write to us.

---------------------------------------------------------------------------------------------------------------------------
To get this software you need write on our e-mail:
[email protected]

Reserve e-mail address to contact us:
[email protected]

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.