What should I know about XYZware ransomware?

What is XYZware ransomware virus?

XYZware virus is a new ransomware that belongs to the large group of Hidden-Tear based malware. The malicious program appears to be still in development, which means that, at least for now, cyber criminals are not actively distributing it to victims. A few copies were sent out recently, and one of them came to malware researchers' attention. Once installed, the virus uses a combination of RSA-2048 and AES-128 ciphers to encrypt files on the compromised PC.

Some malware researchers believe that the author of this virus is likely to be from Indonesia, although this has not been confirmed. The word "Indonesia" is only mentioned in the ransomware author's contact email address.

When the virus finishes its encryption routine, it saves a message on the victim's desktop, which says:

"There is no way to decrypt without private key and decryption program. You can buy the private key and the decryption program just for 0.2 BTC (Bitcoin)."

The rest of the message explains that the victim has to send an email to get instructions on how to pay the ransom and recover the files.

We do not recommend paying the ransom because it is likely that the files can be recovered for free. We suggest patiently waiting for news from malware researchers, as an XYZware decryption tool might become available soon. Until then, remove XYZware malware using an anti-malware program, for instance, Malwarebytes or Restoro Intego.

Researcher shows the ransom note left by XYZware ransomware virus. It asks the victim to purchase the decryption key for 0.2 BTC.

While more dangerous and sophisticated viruses like Cerber employ exploit kits, infected ad networks, and other malware distribution techniques, the developers of XYZware ransomware seem to be far less advanced. Therefore, they use a basic and very straightforward malware dissemination trick: malspam, also known as mail spam. They only need to compose convincing messages, attach some files to such emails, and then send them out to thousands of victims.