
Zida Ransomware

By GoldSparrow in Ransomware

Malware analysts have identified a brand-new file-locking Trojan called the Zida Ransomware. This data-encrypting Trojan appears to target regular users online. The Zida Ransomware is not a unique Trojan that was built from the ground up. The authors of the Zida Ransomware have based their creation on the infamous STOP Ransomware – the most popular threat of this kind for 2019.

Propagation and Encryption

The Zida Ransomware is a threatening Trojan that targets a long list of filetypes, as this makes it more likely for the victim to consider paying the ransom fee. The Zida Ransomware is likely to encrypt .xls, .xlsx, .pdf, .doc, .docx, .txt, .ppt, .pptx, .zip, .rar, .db, .png, .gif, .jpg, .jpeg, .svg, .webm, .mp4, .mov, .wav, .mp3, .midi, .mid, .aac and others. This means that by the time the Zida Ransomware has completed the encryption process, most of your files will be securely locked. Once the Zida Ransomware locks a file, it changes its name by appending a new extension: '.zida'. For example, a file that you named 'ceramic-eye.png' will be renamed to 'ceramic-eye.png.zida'. The Zida Ransomware is likely spread via corrupted advertisements, fake social media posts, torrent trackers, bogus software updates and downloads, mass spam email campaigns, etc.

The Ransom Note

The message of the attackers is contained in a file called '_readme.txt', which is displayed on the desktop of the user. In the ransom message, the creators of the Zida Ransomware stress several main points:

  • Users are advised to contact the attackers within 72 hours, as this would grant them a 50% discount on the original price of the decryptor.
  • The original price is set at $980, and victims who meet the deadline will have to pay half the price - $490.
  • The attackers are willing to decipher one file for free as long as it does not contain important information.
  • There are two email addresses provided – 'helpmanager@mail.ch' and 'restoremanager@airmail.cc'.

It is advisable to remove the Zida Ransomware with the help of a reputable, modern anti-malware solution rather than try to cooperate with the cybercriminals responsible for it.
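The two indicators described above, the appended '.zida' extension and the '_readme.txt' note, can be used to scope the damage from a file listing. The following is an added example, not part of the original article: the function names, the input format (one path per line, as produced by `dir /s /b` or a file inventory export) and the sample paths are assumptions made for illustration.

```python
from collections import defaultdict
from pathlib import PureWindowsPath

MARKER_EXT = ".zida"        # extension appended to locked files (from the article)
NOTE_NAME = "_readme.txt"   # ransom note file name (from the article)

def triage(listing):
    """Group a file listing by directory and record Zida-style indicators.

    `listing` is any iterable of path strings (assumed input format).
    """
    dirs = defaultdict(lambda: {"locked": [], "note": False, "intact": 0})
    for raw in listing:
        p = PureWindowsPath(raw.strip())
        if not p.name:                      # skip blank lines
            continue
        entry = dirs[str(p.parent)]
        name = p.name.lower()               # Windows names are case-insensitive
        if name == NOTE_NAME:
            entry["note"] = True
        elif name.endswith(MARKER_EXT) and len(name) > len(MARKER_EXT):
            # Strip only the appended marker to recover the original name,
            # which is what you match against backups.
            entry["locked"].append(p.name[: -len(MARKER_EXT)])
        else:
            entry["intact"] += 1
    return dict(dirs)

def summarize(report):
    """Return (directory, locked, intact, note_present) rows, most affected
    first, skipping directories that show neither indicator."""
    rows = [(d, len(e["locked"]), e["intact"], e["note"])
            for d, e in report.items() if e["locked"] or e["note"]]
    return sorted(rows, key=lambda r: (-r[1], r[0]))

# Constructed sample listing (not taken from a real incident).
SAMPLE = [
    r"C:\Users\alice\Desktop\_readme.txt",
    r"C:\Users\alice\Desktop\ceramic-eye.png.zida",
    r"C:\Users\alice\Documents\budget.xlsx.ZIDA",
    r"C:\Users\alice\Documents\notes.txt.zida",
    r"C:\Users\alice\Documents\app.exe",
    r"C:\Users\alice\Music\song.mp3",
]

if __name__ == "__main__":
    for row in summarize(triage(SAMPLE)):
        print(row)
```

The recovered original names give a restore list to check against backups, and the per-directory intact counts show which locations were not touched at the time the listing was taken.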
