BellevueCollegeEncryptor Ransomware

By GoldSparrow in Ransomware

Translate To:

The BellevueCollegeEncryptor Ransomware is a cryptor Trojan that is introduced on a targeted computer with the objective of encrypt the computer users' files and then offer a way to get back the lost data by providing a decryption application. Obviously, the perpetrators of the BellevueCollegeEncryptor Ransomware will demand money to supposedly provide the offered tool. However, no one should trust someone that caused harm to their files. Instead, they shouldn't follow any instructions sent by the criminals and instead, look for other ways to recover their data, such as using backups of free decryptors that sometimes they can find on the Internet. In the case of the BellevueCollegeEncryptor Ransomware, the criminals ask for $250 in Bitcoins and demand to be contacted via the bellevueinject@openmailbox.org email address.

The ransom note displayed by the BellevueCollegeEncryptor Ransomware seems to have two different ransom note, one for individual computer users and the other for institutions that are contained in two text files named "readme.txt" and "INSTRUCTIONS.txt" with following texts:

'If you are seeing this message your files are already encrypted.
VERY IMPORTANT READ CAREFULLY
You should now see a window offering you to restore your computer files.
If you do not see this window, you will need to rerun the program, disable antivirus, or restart the computer.
Getting this window to open is the only way to get your files back.
Any attempt to use third party programs to recover the files is guranteed to corrupt them
This ransomware is custom programmed at every deployment to ensure of this.
Failure to see the decryption window and failure to follow the instructions
Will cause all the files to be permanetly deleted and any personal information collected will be published on dark markets.
You have 48 hours from the creation of this TXT file.
Can't get decryption window or for serious questions email BellevueInject@openmailbox.org
Moralizing, preaching, or any non mission critical emails will result in deletion of your files.'

And:

'Your institution was hacked. If you are reading this message we have successfully blocked you from accessing your personal files.
The only way you can recover your files is to buy a decryption key.
The payment method is: Bitcoins.
The price is: $250 = 0.04710299 Bitcoins (BTC)
You have 48 hours from seeing this message to send $250 in Bitcoins to Bitcoin address: bc1q2m68av8knhz9zkexzz8dn8ll9wyxz76ss47upm
We do not include a count down timer for added pressure. Failure to pay within 48 hours will automatically delete your decryption key from our server and you will permanetly lose your files. This software is custom tailored at every deployment. Using any third party decryption software will permanetly destroy your files. Typing in the wrong key too many times will also permanetly lock your files. The only way to recover your files is to send the bitcoins to the mentioned address.'
The good news is that we target coorporations and institutions.
Over 90% of our victims get reimbursed by their company or institution as the breach happens from their server end. This is not your fault. Follow the instruction in the order provided and you will get your files and money back.
First you need to buy Bitcoins. Click Buy Bitcoins to get a list of services that allow you to buy and send Bitcoin.
You can use any service even ones not listed. Coinbase is most trusted, popular, and easy to understand. Create an account, buy the above mentioned Bitcoin (BTC) quantity [eg. 0.04568795].
It will take about 30 minutes for the Bitcoin to appear in your account. When it does, find the button to send the bitcoins. Send them to the mentioned address.
30 minutes after sending us bitcoins, the hidden 48 hour countdown will automatically stop.
After payment, send an email to: BellevueInject@openmailbox.org
Send us your unique identifier: -
We will respond within 12 hours with your decryption key after receiving your email.
Paste your decryption key into this program and click Decrypt Files.
All your files will be restored and all background processes relating to this program will permanently disappear.
Your company or institution should be well aware of this attack a couple days after this. They should see all affected addresses. If they do not contact you offering reimbursement in a couple days, feel free to ask them. The exploit happened from their end. Over 90% of our victims get their money back.
PS: Time is running out. Wasting any of it just decreases your chances of getting your files back.'

The ransom note says that ' The only way to recover your files is to send the bitcoins to the mentioned address.' However, this is a lie. You can recover your files by using a file backup or alternative recovery techniques. Also, it is crucial to remove the BellevueCollegeEncryptor Ransomware with an anti-malware scanner.

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

BellevueCollegeEncryptor Ransomware

Submit Comment

Trending

'YouPorn' Email Scam

Safe Search Eng

Findtheirreport.com

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen