0kilobypt Ransomware
The 0kilobypt Ransomware is a new file-encrypting Trojan discovered in the wild by malware analysts. This threat first emerged in February 2020. Ransomware threats are highly used in the world of cybercrime, as they can be easy to create (provided that a ransomware building kit is used) and rather simple to distribute.
The 0kilobypt Ransomware appears to carry several different names. Regardless of the name, this is a very threatening Trojan, which is capable of rendering all your data unusable. Unfortunately, some variants of the 0kilobypt Ransomware appear to overwrite data with zeros, which means that the affected files cannot be recovered unless you have backed them up prior to the attack. The aforementioned copies of the 0kilobypt Ransomware are rather basic and not capable of encrypting data. This is why, instead, they would simply overwrite the files. Despite the fact that some of the variants of the 0kilobypt Ransomware simply destroy files by overwriting them, the operators of the threat would still attempt to extort their victims by promising them to provide e decryption tool if they get paid the ransom fee demanded. However, since the data affected by the 0kilobypt Ransomware is no encrypted but overwritten with zeros, a decryption tool is useless. It is likely that the propagation methods used by the authors of the 0kilobypt Ransomware include phishing email, corrupted advertisements, torrent trackers, pirated applications or video games, fake software updates and others.
According to researchers, the copies of the 0kilobypt Ransomware would append one of the following extensions to the affected files’ names:
- '.Aebaih6i
- '.CRYP'
- '.val'
- '.cr'
- 'lth2eelu'
- 'Eivoh1na'
- 'leph0uxo'
- '.mechu5Po'
- '.0kilobypt'
Furthermore, different copies of the 0kilobypt Ransomware appear to drop ransom notes that are named differently. So far, the identified variants of the 0kilobypt Ransomware drop ransom notes that are named:
- '!!!TECH_SUPPORT_ (Xieth8ie@secmail.pro).txt'
- '!!!ACCESS_ TO_FILES_WRITE __ (Iyieg9eB@secmail.pro).txt'
- 'WHERE ARE YOUR FILES READ ME.txt'
- '!!!HELP_ WITH_FILES_ (rekoh4th@secmail.pro).txt'
The email addresses associated with the 0kilobypt Ransomware include:
- 'thorntitini1979@danwin1210.me'
- 'tikitakbum@rambler.ru'
- 'dizelmon@danwin1210.me'
- 'postal.surgut@danwin1210.me'
- 'eR8iech5@danwin1210.me'
- 'rekoh4th@secmail.pro'
- 'eed8Aeta@danwin1210.me'
- 'Xieth8ie@secmail.pro'
- 'yieg9eB@secmail.pro'
The 0kilobypt Ransomware is a very potent threat, and unfortunately, users who fall victim to it have no way of recovering their data. It is best to remove the 0kilobypt Ransomware from your PC with the assistance of a reputable anti-malware suite.
