BloodFox Ransomware

Infosec researchers have identified a new ransomware threat. Named the BloodFox Ransomware, it can cause significant damage to the systems it manages to infect. By initiating an encryption process with a strong cryptographic algorithm, the threat can render a large number of filetypes unusable and inaccessible completely.

Unlike the vast majority of ransomware threats, BloodFox leaves the names of the encrypted files intact without changing them in any way. As for its ransom note with instructions for the victims, it will be displayed on the screen of the breached systems in the form of a pop-up window.

Ransom Note's Details

The ransom-demanding message of the threat is short comparatively but it contains the more important details. It states that the hackers demand to be paid a ransom of at least 0.3 BTC (Bitcoin). Bitcoin is the most widely used cryptocurrency but its exchange rate is prone to fluctuating widely. At the current prices, the demanded ransom is equal to $18,000, a staggering amount that few individual victims would have laying around. After transferring the money to the provided email address, users are expected to establish contact with the attackers by sending a message to the 'noclue3636@dnmx.org' email address.

The full text of BloodFox Ransomware's note is:

'BloodFox Encryptor 2.0

Oops!, Your Files Have Been Encrypted by BloodFox

if you want to know how to get your files back Send atleast 0.3 BTC to this address:
1E8ywazpZT8UAi2ot6Se8YH5ipXZbuUJn7
Afterwards email: noclue3636@dnmx.org.

Enter password:

[Decrypt Files]

BTC Address:
1E8ywazpZT8UAi2ot6Se8YH5ipXZbuUJn7'