Threat Database Ransomware Blackoutware Ransomware

Blackoutware Ransomware

Researchers have identified a new ransomware variant known as Blackoutware. This harmful threat is specifically engineered to encrypt data on infected devices, compelling victims to pay a ransom for the decryption key.

Upon infecting a device, Blackoutware locks the files stored on it. Notably, each affected file undergoes a modification in its filename, with the addition of the '.blo' extension. For instance, a file originally named '1.jpg' transforms into '1.jpg.blo,' and '2.png' becomes '2.png.blo.' This extension serves as an indicator of the encryption applied to the files.

After the process of encryption is completed, a ransom note named '!!!WARNING!!!.txt' is deposited into the 'C:\Users[username]' folder. This note typically contains instructions from the attackers, outlining the steps the victim must take to pay the demanded ransom and receive the decryption key. The presence of such ransom notes is a common tactic employed by cybercriminals to intimidate and coerce victims into complying with their demands.

The Blackoutware Ransomware Demands a Ransom Paid in Cryptocurrencies

The ransom message delivered by the Blackoutware Ransomware explicitly communicates that the victim's files have undergone encryption, and the only means of decryption is through payment. Refusal to comply with the ransom demand threatens the exposure of sensitive data extracted from the compromised device, including files, login credentials, credit card numbers and other confidential information.

The specified ransom amount is 5000 euros, payable in either LTC (Litecoin) or BTC (Bitcoin) cryptocurrencies. A deadline of 72 hours is set for the victim to meet the payment conditions. The ransom note cautions against attempting to modify the encrypted files or using third-party decryption tools, as these actions may result in irreversible data loss.

Decryption without the involvement of the cybercriminals is typically unattainable. Furthermore, even if victims do comply with the ransom demands, there is no guarantee of receiving the promised decryption keys or software. Consequently, it is strongly advised against paying the ransom, as doing so not only fails to ensure data recovery but also supports the illicit activities of the perpetrators.

To thwart further data encryption, the removal of the Blackoutware ransomware from the operating system is recommended. However, it is important to note that the removal process does not automatically restore access to the encrypted files, emphasizing the importance of preventive measures and the adoption of secure computing practices.

Take Proactive Steps to Protect Your Devices from Malware Threats

Users can take several proactive measures to protect their devices from malware threats. Here are some key steps:

  • Install Security Software:
  • Utilize reputable anti-malware software to provide real-time protection against a wide range of threats. Keep the software updated to ensure it can effectively identify and neutralize the latest malware.
  •  Regular Software Updates:
  • Keep operating systems, applications, and software up to date with the latest security patches. Regular updates help patch vulnerabilities that malware often exploits.
  •  Enable Firewalls:
  • Activate firewalls on devices to monitor and control incoming and outgoing network traffic. Firewalls act as a barrier between your device and potential threats from the Internet.
  •  Exercise Caution with Unexpected Emails:
  • Be watchful of unsolicited emails and avoid accessing links or attachments from undisclosed or suspicious sources. Phishing emails are a common method for delivering malware.
  •  Use Strong, Unique Passwords:
  • Employ strong and unique passwords for all accounts. This lessens encryption malware from obtaining login credentials.
  •  Backup Regularly:
  • Regularly back up important data to an external device or a secure cloud service. In the event of a malware attack, having backups ensures that data can be restored without paying a ransom.
  •  Secure Wi-Fi Networks:
  • Use strong and unique passwords for Wi-Fi networks to prevent unauthorized access. Securing your network helps protect devices from malware that may attempt to exploit vulnerabilities through unsecured connections.
  •  Educate Yourself:
  • Try to obtain the latest cybersecurity threats and techniques used by cybercriminals. Knowledge empowers users to recognize potential threats and adopt preventive measures.
  •  Limit User Privileges:
  • Use the principle of least privilege by permitting users the minimal level of access necessary to perform their tasks. This reduces the impact of malware if a device is compromised.
  •  By adopting these proactive measures, users can significantly reduce the risk of malware infections and enhance the overall security of their devices.1

The full ransom note dropped by the Blackoutware Ransomware is:

'Hello All your files are encrypted by Blackoutware.
For decryption Send 5000€ LTC or BTC to The Wallet Mentioned At the Bottom of the Text
And Email us with the Transaction ID And ID We Will Give u the Decryptor
BTC Address: bc1q265exqnphfd99a2v00yzd87mz6kjpqkylk2cv3
LTC Address: Lh9PRuQsnwJcvAJCvJ9e7iNh6nueFCnXvf
Where to Buy Crypto and Where to Store it?
ANSWER: Download exodus at hxxps:// And buy Crypto at hxxps://

If U Dont Pay! We Will Leak all ur Sensitive Information Such as Passwords,Credit Cards,Files

Our Email:
Our Telegram: hxxps://

Your ID:'


Most Viewed