![]() Unfortunately, this information is accurate. The message further states that changing the encrypted data in any way, attempting to decrypt it with third party software, or using private keys from other victims can lead to permanent data loss. The message further warns that the email address might be blocked soon, and therefore affected users must make contact without delay. To 'prove' their ability to undo the damage, developers of MedusaLocker offer to decrypt one file free of charge so long as the file is no larger than 10 MB. This must contain a personal ID number, which is listed in the ransom message. Should the response not arrive within 24 hours, users must send a message to the alternative email address. #MALWAREBYTES CRYPTO LOCKER HOW TO#For more information about how to purchase decryption software/tools, victims are instructed to contact criminals via the email address provided. The ransom message states that the users' files have been encrypted and, to recover them, they must purchase a unique decryptor from the cyber criminals behind MedusaLocker. READINSTRUCTIONS" extensions for encrypted files. Other variants of this ransomware use the ". Once data is encrypted, MedusaLocker stores an HTML file (" HOW_TO_RECOVER_DATA.html") containing a ransom message on the victim's desktop. encrypted" extension.įor example, " 1.jpg" becomes " 1.jpg.encrypted". During the encryption process, all files are renamed with the ". the decryption software/tool is purchased). ![]() It operates by encrypting files and keeping them inaccessible until a ransom is paid (i.e. Discovered by MalwareHunterTeam, MedusaLocker is malicious software, which is classified as ransomware. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |