Black Berserk Ransomware

Cybersecurity researchers are warning users about a ransomware threat known as 'Black Berserk.' This threatening program is designed to encrypt data, making it inaccessible to the victims. Subsequently, the attackers demand a ransom payment in exchange for providing the decryption key.

The Black Berserk Ransomware is capable of successfully encrypting multiple different file types and altering their filenames by appending the ".Black' extension. Therefore, a file with the original name '1.png' will appear as '1.jpg.Black,' and '2.doc' will be transformed into '2.doc.Black.' As a part of its intimidating tactic, the ransomware also generates a ransom note titled 'Black_Recover.txt.'

The Black Berserk Ransomware Prevents Victims from Accessing Their Data

The ransom note left by the Black Berserk Ransomware emphasizes the urgency for victims to establish contact with the attackers. The note explicitly mentions that the victim's files have been encrypted, rendering them inaccessible, and that all data has been exfiltrated, potentially leading to additional security risks.

To evaluate the legitimacy of the attackers' claim and test the possibility of decryption, the victims are encouraged to send two encrypted files to the cybercriminals. However, they must ensure that these files do not contain sensitive or crucial information and that their combined size does not exceed 1MB. The ransom message strongly advises against any attempt to delete or modify the encrypted files, as such actions might lead to further complications and potentially permanent data loss. Moreover, seeking decryption assistance from third-party sources is cautioned against, as it could result in a heightened financial loss without any guarantee of successful data retrieval.

The note grimly highlights the unfortunate reality that decryption without the attackers' involvement is exceedingly rare, further indicating the severity of the situation and the control maintained by the cybercriminals.

Despite victims complying with the ransom demands, there is no assurance that the promised decryption tools will be provided by the attackers. It has been observed that many victims fail to receive the decryption keys even after making payments to ransomware operators.

To prevent the Black Berserk Ransomware from causing further damage, immediate action is required to eliminate the malware from the operating system. However, it is essential to understand that removing the ransomware itself will not restore files that have already been compromised and encrypted.

How to Protect Your Data and Devices from Ransomware Threats?

To ensure the safety of their devices and data from ransomware attacks, users can take various proactive measures to strengthen their cybersecurity. Here are some essential steps they can follow:

• Keep Software Updated: Regularly update operating systems, applications, and antivirus software. Software updates usually include security patches that protect against known vulnerabilities that ransomware might exploit.
•  Install Anti-Malware: Utilize reputable anti-malware software to detect and prevent ransomware infections. Keep the security software up to date and run regular scans.
•  Enable Firewall: Enable and configure firewalls on devices to create a barrier between the user's network and potential threats from the internet.
•  Backup Data Regularly: Regularly back up all critical data to an external device or a secure cloud storage service. This ensures that even if data is encrypted by ransomware, the user can restore it without paying the ransom.
•  Use Strong Passwords: Recommend the use of unique, strong passwords for all online accounts and devices. Consider implementing multi-factor authentication (MFA) wherever possible.
•  Be Cautious with Emails: Avoid clicking on links or downloading attachments from unfamiliar or suspicious email addresses. Be particularly cautious with emails that have urgent or threatening language.
•  Disable Macro Scripts: Configure the settings in office applications to disable macro scripts from running automatically. Macros can be exploited by ransomware to gain access to systems.
•  Stay Informed: Stay updated on the latest ransomware trends and techniques used by cybercriminals to be better prepared to defend against potential threats.

By following these measures and maintaining a vigilant approach to cybersecurity, users can significantly reduce the chances of becoming victims of ransomware attacks and protect their devices and valuable data from being compromised.

The full text of the ransom note left by Black Berserk Ransomware is:

'Your ID:

# In subject line please write your personal ID

Contact us:

Black.Berserk@onionmail.org

Black.Berserk@skiff.com

ATTENTION!

All files have been stolen and encrypted by us and now have Black suffix.

# What about guarantees?

To prove that we can decrypt your files, send us two unimportant encrypted files.(up to 1 MB) and we will decrypt them for free.

+Do not delete or modify encrypted files.

+Decryption of your files with the help of third parties may cause increased price(they add their fee to our).'