Infected with werd.extension ransomware (STOP Djvu)

[Sami7264]

I got attacked by STOP Djvu ransomeware after installing a software from online.. My files are encrypted with '.werd' extension. Maybe this is the new variant. Please help me. Will I be ever able to recover my files? I don't want them now. I just want to know maybe in the future will i be able to recover?  if there is any expert, please let me know.And tell me what to do in this situation. Should i make backups of those encrypted files? I changed my passwords of various accounts. Cleared my browser. And stopped the cleanup software.I have submitted the source file to EMSISOFT.

[sakurock]

Sama ka minuga

Minu failid on krüptitud laiendiga .werd.

sorry, my mistake

Same with me.

My files are encrypted with the .werd extension.

 

hiiu kaubamaja.jpg.werd _readme.txt

Edited October 21, 2019 by sakurock

[Amigo-A]

Hello

It will be better if you be use the Google translator to translate into English.

https://translate.google.com/

[Amigo-A]

.werd - this is new variant of STOP Ransomware

At the moment, the new decryptor does not support new variants for which keys and decryption methods are not found. Perhaps this will change soon.

[Demonslay335]

With it being New Djvu, your files will only be decryptable for free if they were encrypted by the offline key once we acquire it.

If the decryptor reports your files have the ID ZioGB1sCYacbrJajtnJKEUKt6xYM3QPgwAPNAwt1, then they were encrypted by the offline key, and thus possibly decryptable in the future. Otherwise, it is an online key, and there is nothing we will be able to do to help since only the criminals have your online key(s).