Andri

files encrypted by .b3594w7m0.

Recommended Posts

This is random extension. 

Attach 2-3 encrypted files and a ransom note to your message. 

Share this post


Link to post
Share on other sites

Thanks for attaching the ransom note and encrypted files. I'll ask our malware analysts if they know what it is.

Share this post


Link to post
Share on other sites

For their part can only confirm that this Sodinokibi Ransomware (other names BlueBackground and REvil )

I have been tracking their activities since the very beginning, from mid-April, but so far I have not published most of the material in the affected countries (Germany and others). The group that spreads it does not belong to any one country, this is an international underworld, who have been earning with cyber burglary, extortion and other criminal professions close to this for years.

Sodinokibi Ransomware is aimed at European countries, except for those that are in the white list:
Romania
Russia
Ukraine
Belarus
Estonia
Latvia
Lithuania
Armenia
Georgia
Iran
Syria
Azerbaijan
Kazakhstan
Kyrgyzstan
Tajikistan
Turkmenistan
Uzbekistan

The largest percentage of affected users and company in Germany and neighboring countries, but in parallel, other countries may also suffer, including those from the white list.

So far, none of the antivirus companies have reported that they can decrypt files after this attack.

If someone tells you in PM or somewhere else what can do this for another fee, do not do it, most likely this is a hoax, tell us, the GT500 or me, so that we can check it through our channels.

You should know that there are many companies and groups that can make money on someone else's trouble.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.