Artemis Ransomware

Artemis Ransomware Description

The Artemis Ransomware is a new crypto locker threat based on a previously detected ransomware threat called PewPew Ransomware. The Artemis Ransomware operates much in the same way as the PewPew Ransomware – it attempts to compromise the targeted computer and then proceeds to lock files with a powerful cryptographic algorithm. The original names of the encrypted files will be modified significantly. The threat appends a string representing the victim's unique ID, an email address belonging to the hackers - 'khalate@tutanota.com,' and finally '.artemis' as a new extension at the end of each filename. When the encryptions process is completed, the Artemis Ransomware drops an Html file called 'info-decrypt.hta' containing a ransom note in every folder with locked files.

According to the note, the Artemis Ransomware victims are supposed to pay an unspecified amount in Bitcoin to the hackers in exchange for a decryptor tool. To email addresses are provided for contact - the previously mentioned 'khalate@tutanota.com' and 'khalate@protonmail.com.' Apparently, the exact sum will depend on how fast affected users establish communication with the criminals. More than five files that do not exceed 4MB total could be sent for free decryption. The files, however, shouldn't be databases, backups or large Excel spreadsheets.

Victims of the Artemis Ransomware are advised to abstain from sending any amount of money to the hackers, or even better not contacting them. There is no valid guarantee that a decryptor tool will be sent or that it will manage to restore the encrypted files successfully.

The text on the ransom note displayed by the Artemis Ransomware is:

'All your files have been encrypted!

All your files have been encrypted due to a security problem with your PC. If you want to restore them, write us to the email: khalate@tutanota.com

Write this ID in the title of your message : -

In case of no answer in 12 hours write us to this email: khalate@protonmail.com

You have to pay for decryption in Bitcoins. The price depends on how fast you write to us. After payment we will send you the tool that will decrypt all your files.

Free decryption as guarantee

Before paying you can send us up to 5 files for free decryption. The total size of files must be less than 4Mb (non archived), and files should not contain valuable information. (databases,backups, large excel sheets, etc.)

How to obtain Bitcoins

The easiest way to buy bitcoins is LocalBitcoins site. You have to register, click 'Buy bitcoins', and select the seller by payment method and price.

hxxps://localbitcoins.com/buy_bitcoins

Also you can find other places to buy Bitcoins and beginners guide here:

http://www.coindesk.com/information/how-can-i-buy-bitcoins/

Attention!

Do not rename encrypted files.

Do not try to decrypt your data using third party software, it may cause permanent data loss.

Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a tactic.'

Related Posts

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.