21btc Ransomware

The 21btc Ransomware is one of the latest threats to emerge from the infamous and trendy among cybercriminals Dharma Ransomware family. The 21btc Ransomware doesn't display any significant deviation from the typical Dharma variant. Still, the threat is capable of causing significant damage to any computer it manages to infect.

Once inside the victim's device, the 21btc Ransomware leverages uncrackable cryptographic algorithms to encrypt the files stored there. Users will no longer be able to either access or use their audio, video, MS Office, PDFs, photo, database files, etc. The threat will append an email address belonging to the hackers - 21btc@cock.li, followed by '.21btc' as a new extension to every affected file's original name. As a typical Dharma threat, it delivers the ransom note with instructions for the victims in two ways. First, text files named 'FILES ENCRYPTED.txt' will be dropped in every folder containing encrypted files. In addition, a pop-up window will be generated on the screen of the infected device.

The ransom notes do not state what the exact amount of the ransom demanded by the criminals is. They are simply told to establish communication by sending a message to the aforementioned email address at '21btc@cock.li.'

The full text of the 21btc Ransomware's note is:

'YOUR FILES ARE ENCRYPTED

Don't worry,you can return all your files!

If you want to restore them, follow this link email: 21btc@cock.li

If you have not been answered via the link within 12 hours, write to us by email: 21btc@cock.li

Attention!

Do not rename encrypted files.

Do not try to decrypt your data using third-party software, it may cause permanent data loss.

Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a scam.'