Bl9c98vcvv Ransomware Description
If the Bl9c98vcvv Ransomware manages to sneak its way onto a computer, the Bl9c98vcvv Ransomware will initiate its encryption process that targets all popular file types. Affected users will find that they can no longer access their private pictures, video and audio files, photos, etc. Not to mention that business-related files such as databases, documents, and spreadsheets will be locked as well, which could have even more significant consequences. All files encrypted by the Bl9c98vcvv Ransomware will have '.Bl9c98vcvv' added to their original filenames as a new extension. The ransom note with instructions from the criminals is presented in two ways – text files named 'HOW TO DECRYPT FILES.txt' will be dropped in every folder containing encrypted data, accompanied by a pop-up window with the same text being generated.
The Bl9c98vcvv Ransomware may not be an entirely unique threat, as it belongs to the Xorist Ransomware family. However, that doesn't make it any less damaging. The Bl9c98vcvv Ransomware might have been designed to target users that speak the Portuguese language specifically, as the ransom notes it drops are written in English and translated in Portuguese. The hackers have decided to break away from the ransom's typical demands for the restoration of the encrypted files being paid in Bitcoin. Instead, they want the victims of the Bl9c98vcvv Ransomware to send them codes for unused, prepaid vouchers, or through the Ukash/Paysafecards digital systems for prepaid online payments. Links with more details on how to use these systems are included in the ransom note. Another departure from what is considered the norm in ransomware behavior is the criminals' apparent lack of fear in using a Gmail address for contact - firstname.lastname@example.org.
The full text of the note used by the Bl9c98vcvv Ransomware is:
'All your files are encrypted!
To decrypt them you need to
send a voucher code or Paysafecard Ukash at email: email@example.com
In return you get a code to decrypt files.
You can find more information here hxxp://ukash.com/uk/en/home.aspx
PLEASE READ CAREFULLY!
To avoid problems, TURN OFF YOUR ANTI-VIRUS!
AKA restore your files WILL NOT!
Todos os seus arquivos estão criptografados!
Para decifra-los voce precisa
enviar um codigo de voucher Ukash Paysafecard ou no e-mail: firstname.lastname@example.org
Em troca, voce recebera um codigo para decifrar arquivos.
Voce pode encontrar mais informacao aqui hxxp://ukash.com/uk/en/home.aspx
LEIA COM ATENCAO!
Para evitar problemas, DESLIGUE seu anti-virus!
AKA restaurar seus arquivos nao serao!'