Blastoise Ransomware
Blastoise is classified as a ransomware threat, a malware type that aims to encrypt all of its victim's files. The hackers then extort the affected users in exchange for potentially restoring their access to the locked files. Blastoise can affect a large range of file types and each encrypted file will have '.blastoise' appended to its original name as a new file extension. The threat also will create a new text file named 'How To Restore Your Files.txt' on the compromised computers. The file will contain the hackers' instructions for their victims.
Ransom Note's Overview
Typically, the cybercriminals involved in ransomware attacks want to be paid a hefty ransom in one of the popular cryptocurrencies (Bitcoin, Ethereum, Monero, etc.). However, Blastoise's ransom note reveals that its operators have a different approach. To help their victims restore the encrypted files, the attackers demand to be sent a gift card for the popular PC game store Steam. The gift card must be worth $100.
Blastoise's victims are instructed to send the gift card code to either the 'valorantskins108@gmail.com' or to the 'virtue#1337' Discord account. Afterward, they should receive a link to the decryption tool. The hackers warn that without their help it will be impossible to restore the locked file as the Blastoise Ransomware threat also has deleted the default Windows backups known as Shadow Volume Copies.
The full text of the instructions left by Blastoise Ransomware is:
'All the files on your computer have been encrypted using complex and unique encryption methods.
Your shadow copies (system backups) have been deleted and thus its impossible for users to access their files without our custom decryption tool matched with your system,
Any measure taken to try self-recover your files will lead to system BIOS corruption - rendering your files, data and entire system bricked.
There is no way to help yourself - No one else can help you either. There is now only us.
In order to obtain the Decryption Kit you need to follow the steps below,
1) Go to hxxps://dundle.com/steam/ and purchase a 100$ Steam gift card, after you purchase, send the code to valorantskins108@gmail.com or virtue#1337 with your Ipv4 IP 2) Once we have received the code and your IP, a link to the Decryption Kit will be sent to your email or discord. 3) run the Decryption Kit - Wait for your files to Decrypt. 4) Restart your Computer your files will then all be returned intact.
You're files will then all be returned & decrypted intact. and your pc will not become junk.'
