Cat4er Ransomware

The Cat4er Ransowmare aims to sneak its way inside users' computers and then lock the data stored there via a powerful encryption process. The attackers will then try to extort their victims for money, in the form of a ransom, paid in exchange for the potential restoration of the encrypted files.

During its intrusive activities, the threat will mark each locked file by appending '.Cat4er' to that file's original name. When all targeted file types on the system have been processed and rendered inaccessible, the malware will proceed to deliver a ransom note with instructions from its operators. The note will be in the form of an HTML file named 'HOW_FIX_FILES.htm,' which will be generated on the desktop of the breached system.

Ransom Note's Details

The bulk of the instructions left by the Cat4er Ransomware deals with explaining to its victims how to access the cybercriminals' website hosted on the TOR network. It also mentions that recovery of the encrypted data is only guaranteed within 10 days.

However, visiting the threat's website reveals that decryption is available at any point but the hackers could increase the price of the ransom if victims take too long. The initial sum that the hackers want to receive from the affected users is 0.08 BTC (Bitcoin). The only accepted payment method is via Bitcoin and at the current exchange rate of the cryptocurrency, the ransom stands at $3000 approximately.

The full text of the ransom note is:

'Hello

All files including videos, photos and documents on your computer are encrypted by Cat4er ransomware.

File decryption costs money.

In order to decrypt the files, you need to perform the following steps:You should download and install this browser: hxxps://www.torproject.org/download/

After installation, run the browser and enter the address: b6eiwvxyjjsiesbtimdyaif6dzmnxepq5ye7j4g6tejw3k56fqehrbyd.onion

Follow the instructions on the web-site.

We remind you that the sooner you do, the more chances are left to recover the files.

Guaranteed recovery is provided within 10 days.

IMPORTANT INFORMATION

You should enter the personal code on the tor site.

Your Personal CODE:'

The instructions found on Cat4er Ransomware's website are:

'Cat4er decryption cabinet (Exit)
Your files are encrypted

To get the key to decrypt files you should to pay 0.08 BTC.

We are present a special decryption key - which is allow to decrypt and return control to all your encrypted files

We are guaranteeing decryption after any time after encrypting. But you can sure that we will rise the price after some time
How to buy decryption key?

You should register Bitcoin wallet (click here for more information with pictures)

Purchasing Bitcoins - Although it's not yet easy to buy bitcoins, it's getting simpler every day.

Some resources where you can buy bitcoin:

Send 0.08 BTC to Bitcoin address: bc1qmgydzh893ae723k7u4nc7mljxegq4c3ywv5pu0

Enter the Bitcoin transaction ID:
Note: Enter Transaction Hash.
Code from image

Please enter the wallet to which you transferred BTC and click "I complete the payment.'