Even after payment, victims may not always receive a decryption tool. However, it is not advisable to pay cybercriminals for decryption because of the high risk of being scammed. They are coerced into buying decryption tools from the threat actors unless they have a data backup or a third-party decryption tool. In most cases, victims are unable to decrypt their files without the assistance of cybercriminals. It provides a Bitcoin address to make the payment. The note implies that failure to pay the ransom will result in permanent loss of access to the encrypted files. To retrieve the files, victims must purchase special decryption software for $24,622.70, which can only be paid in Bitcoin. The ransom note informs victims that their computer has been infected with ransomware and all their files have been encrypted. Screenshot of files encrypted by this ransomware: It is important to note that Google company is not associated with this ransomware. For instance, it renames " 1.jpg" to " 1.jpg.google", " 2.png" to " 2.png.google", and so forth. In addition to encrypting files, Google ransomware drops the " read_it.txt" file, a ransom note.Īlso, it appends the ". The purpose of this malware is to encrypt files. We found that Google ransomware belongs to the Chaos ransomware family. While analyzing malware samples submitted to the VirusTotal website, we discovered a ransomware variant dubbed Google.
0 Comments
Leave a Reply. |