Army Ransomware

Army Ransomware Description

The Army Ransomware is a variant belonging to the Xorist malware family. The Army Ransomware aims to infiltrate targeted computers, initiate an encryption routine, and lock the files stored there with an uncrackable cryptographic algorithm. Afterward, users will lose their ability to access the affected files in any way. The name of each encrypted file will be modified by having '.army' appended to it as a new extension. The Army Ransomware, as all of the Xorist Ransomware variants, delivers a ransom note with instruction in the form of a text file named 'HOW TO DECRYPT FILES.txt' that will be generated on the Desktop.

The note states that affected users will have only 5 chances to enter the correct key. If the number of attempts is exceeded, all encrypted data will be lost permanently. Unfortunately, the note lacks any of the other vital details that users might require. The amount of the demanded ransom, as well as the way the money is supposed to be transferred, are missing. Furthermore, the note doesn't mention a way for the victims to contact the cybercriminals to obtain more information.

The current state of the ransom note points out to this version of the Army Ransomware being released for testing purposes. As such, affected users have rather limited options at their disposal. The best course of action is to remove the Army Ransomware threat from the system with a professional anti-malware solution. Only after the device has been cleaned, users can try to restore the locked data from a suitable backup.

The full text of the note is:

'Attention! All your files are encrypted!
To restore your files and access them,
please pay

You have 5 attempts to enter the code.
When that number has been exceeded,
all the data irreversibly is destroyed.
Be careful when you enter the code!
'

Related Posts