Pcs Ransomware

Infosec researchers have caught a threat named Pcs Ransomware in the wild. Pcs Ransomware, a new Dharma Ransomware variant, poses a significant danger because it can encrypt a large array of file types and render them useless. Victims are then extorted for money in exchange for restored access to their data via the decryption key and tool possessed by the hackers. During the encryption routine, the threat drastically changes the original names of the affected files, following the pattern [Original Name].[Victim's ID].[Email address of the hackers].[New file extension]. In the case of Pcs Ransomware, the email address is pcstuntman@onionmail.org, while the appended file extension is '.PcS.' Afterward, two ransom messages are generated on the system: one is shown as a pop-up window, while the other is placed inside a text file named 'info.txt.'
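For triage, the renaming pattern described above can be turned into a file-name matcher that inventories affected files and recovers their original names for a restore list. This is an added example, not code from the original article; the dot-free shape of the victim ID, the optional square brackets around the email address, and the sample paths are assumptions constructed for illustration.

```python
import re
from collections import Counter
from pathlib import PureWindowsPath

# Values quoted in the article.
CONTACT_EMAIL = "pcstuntman@onionmail.org"
EXTENSION = "PcS"
NOTE_NAME = "info.txt"

# [Original Name].[Victim's ID].[Email].[Extension]
# Assumptions: the victim ID is one dot-free token, and the email may or may
# not be wrapped in literal square brackets.
RENAMED = re.compile(
    r"^(?P<original>.+)\.(?P<victim_id>[^.\[\]]+)\.\[?"
    + re.escape(CONTACT_EMAIL) + r"\]?\." + re.escape(EXTENSION) + r"$",
    re.IGNORECASE,
)

def classify(path):
    """Classify one path by file name only; contents are never read."""
    name = PureWindowsPath(path).name  # accepts both \ and / separators
    if name.lower() == NOTE_NAME:
        # Name match only: confirm the content before treating it as a note.
        return {"path": path, "kind": "possible_note"}
    m = RENAMED.match(name)
    if m is None:
        return {"path": path, "kind": "other"}
    return {"path": path, "kind": "encrypted",
            "original": m["original"], "victim_id": m["victim_id"]}

def summarize(paths):
    """Counts per kind, distinct victim IDs, and original paths to restore."""
    rows = [classify(p) for p in paths]
    hits = [r for r in rows if r["kind"] == "encrypted"]
    return {
        "counts": dict(Counter(r["kind"] for r in rows)),
        "victim_ids": sorted({r["victim_id"] for r in hits}),
        "restore_list": sorted(
            str(PureWindowsPath(r["path"]).with_name(r["original"])) for r in hits),
    }

# Constructed sample listing (not real incident data).
SAMPLE = [
    r"C:\Users\amy\Documents\report.final.docx.1A2B3C4D.pcstuntman@onionmail.org.PcS",
    r"C:\Users\amy\Pictures\cat.jpg.1A2B3C4D.[pcstuntman@onionmail.org].PcS",
    r"C:\Users\amy\Desktop\info.txt",
    r"C:\Users\amy\Documents\notes.txt",
    r"C:\Users\amy\Documents\archive.PcS",
]

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

The restore list gives the pre-encryption paths to look for in backups; the matcher only reads file names and never modifies or renames the encrypted files.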

Pcs Ransomware's Demands

The instructions found in the text file are extremely brief. Victims are simply told to send a message to 'pcstuntman@onionmail.org' or 'pcstuntman@tutanota.com.' The proper ransom note is displayed in the pop-up window. It clarifies that the second email should be contacted only if 12 hours have passed since sending a message to the first address without receiving an answer. The note also contains various warnings against changing the names of the encrypted files or trying to unlock them with third-party products, as that could lead to permanent data loss.

The instructions from the pop-up window are:

'YOUR FILES ARE ENCRYPTED

pcstuntman@onionmail.org 

Don't worry, you can return all your files!

If you want to restore them, write to the mail: pcstuntman@onionmail.org YOUR ID -

If you have not answered by mail within 12 hours, write to us by another mail:bad.dev@onionmail.org

ATTENTION!

We recommend you contact us directly to avoid overpaying agents

Do not rename encrypted files.

Do not try to decrypt your data using third party software, it may cause permanent data loss.

Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a scam.'

The text file contains the following message:

'all your data has been locked us

You want to return?

write email pcstuntman@onionmail.org or pcstuntman@tutanota.com.'
