
Ptrz Ransomware

Ptrz is a variant of ransomware that employs encryption to block files on the victim's device. As part of its operation, it changes the filenames of all encrypted files by adding the '.ptrz' extension to them. Additionally, Ptrz generates a ransom note, which is saved as '_readme.txt' on the compromised devices to inform the victim about the attack and the ransom amount demanded to regain access to the files.

Ptrz belongs to the STOP/Djvu Ransomware family and can be distributed alongside other malware threats, such as the RedLine or Vidar infostealers. The individuals responsible for the Ptrz Ransomware typically use various tactics to spread the malware, such as spam emails, corrupted attachments, fake software updates and fraudulent advertisements.

Once Ptrz infiltrates the victim's device, it begins encrypting files with a sophisticated encryption algorithm, making file recovery nearly impossible without paying the specified ransom amount.

Ptrz Ransomware’s Victims Will Lose Access to Their Own Files

The ransom note, in the case of Ptrz, informs victims of the ransomware attack by outlining the demands made by the cybercriminals. It stresses that the sole method to regain access to their locked files is by procuring a decryption tool and a unique key through the payment of a ransom. The threat actors do offer to decrypt just one file for free, provided it does not contain valuable information.

In an effort to encourage victims to comply with their demands, the note also introduces a time-limited discount for individuals who contact the attackers in the first 72 hours. While the asking price for the private key and decryption software stands at $980, the reduced ransom amount is $490 for those who respond promptly. To facilitate communication, the ransom note concludes by supplying two email addresses, 'support@freshmail.top' and 'datarestorehelp@airmail.cc', for victims to use in reaching out to the attackers.

It is essential to recognize that victims of ransomware are confronted with a difficult decision when contemplating whether to pay the requested ransom to regain access to their encrypted files. Nevertheless, making the payment is strongly discouraged, as there is no assurance that the threat actors will honor their commitment and provide the required decryption tool.

Implement Robust Security on All Your Devices

To safeguard your devices and data from ransomware threats, it's imperative to adopt a comprehensive approach that involves several protective measures. Here are the key steps that individuals can take to bolster the security of their devices and data:

  • Regular Software Updates: It's crucial to keep your applications, operating systems and security software updated by applying the latest patches and fixes. These software updates frequently include security enhancements that help shield your system from known vulnerabilities that ransomware can exploit.
  • Install Anti-malware Software: Install reputable anti-malware solutions on all your devices. These security tools offer real-time protection, scan for threatening software, and proactively block ransomware threats before they can infiltrate your system.
  • Exercise Caution with Email and Attachments: Ransomware attacks are often initiated through phishing emails. Practice vigilance when dealing with emails and attachments. Verify the legitimacy of email senders, refrain from opening attachments from unknown or untrusted sources, and scrutinize emails meticulously for any indicators of phishing attempts.
  • Backup Data Regularly: Establish a robust backup strategy to create backups of essential files and data routinely. Store these backups in offline or cloud-based solutions that are not directly accessible from your primary system. Periodically test the backup process to ensure that your data can be successfully recovered if the need arises.

By adhering to these measures, users can significantly diminish the risk of falling prey to ransomware attacks, thus fortifying their devices and data against compromise and loss.

The ransom note generated by Ptrz Ransomware reads:

'ATTENTION!

Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
hxxps://we.tl/t-dHFDYXqlkk
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.

To get this software you need write on our e-mail:
support@freshmail.top

Reserve e-mail address to contact us:
datarestorehelp@airmail.cc

Your personal ID:'
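
As an added triage example (not part of the original write-up), the following Python script uses the indicators described on this page: the '.ptrz' extension, the '_readme.txt' note name, and the two contact addresses quoted in the note. It lists affected folders together with the original file names to restore from backup; the function names and the sample directory tree are constructed for illustration.

```python
import os
import tempfile

ENCRYPTED_EXT = ".ptrz"       # extension appended to encrypted files (from the page)
NOTE_NAME = "_readme.txt"     # ransom note filename (from the page)
# Contact addresses quoted in the note (from the page), used to confirm a note.
NOTE_MARKERS = ("support@freshmail.top", "datarestorehelp@airmail.cc")

def is_ptrz_note(path, max_bytes=65536):
    """Confirm a _readme.txt by content, so unrelated files of that name are ignored."""
    try:
        with open(path, "rb") as fh:
            text = fh.read(max_bytes).decode("utf-8", errors="replace").lower()
    except OSError:
        return False
    return any(marker in text for marker in NOTE_MARKERS)

def triage(root):
    """Map each affected folder to a note flag and the original names to restore."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        entry = {"note": False, "restore": []}
        for name in sorted(files):
            if name.lower().endswith(ENCRYPTED_EXT) and len(name) > len(ENCRYPTED_EXT):
                entry["restore"].append(name[: -len(ENCRYPTED_EXT)])
            elif name.lower() == NOTE_NAME:
                entry["note"] = is_ptrz_note(os.path.join(dirpath, name))
        if entry["note"] or entry["restore"]:
            report[os.path.relpath(dirpath, root)] = entry
    return report

def build_sample_tree(root):
    """Constructed sample data: one affected folder and one clean folder."""
    files = {
        "docs/report.docx.ptrz": "constructed placeholder bytes",
        "docs/photo.jpg.ptrz": "constructed placeholder bytes",
        "docs/_readme.txt": "ATTENTION!\nwrite on our e-mail:\nsupport@freshmail.top\n",
        "tools/_readme.txt": "Build notes for an unrelated project.\n",
    }
    for rel, body in files.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(body)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        print(triage(tmp))
```

The scan only reads file names and the first bytes of candidate notes, so it can be run against a mounted copy of an affected volume without modifying it.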
