Blue Locker Ransomware

Threat Scorecard

Threat Level: 100 % (High)
Infected Computers: 8
First Seen: December 8, 2021
Last Seen: December 19, 2021
OS(es) Affected: Windows

The Blue Locker Ransomware is malware designed specifically to target its victims' data and render it inaccessible. It achieves this goal through a strong encryption process that employs an uncrackable cryptographic algorithm. Victims find that they can no longer open or use their documents, PDFs, archives, photos, databases, and other files. The attackers then extort the affected users for money in exchange for the required decryption key.

As part of its actions, the threat also marks each encrypted file by appending a new file extension, '.blue', to the file's original name. When all suitable data has been locked, the Blue Locker delivers a ransom note with instructions for its victims. The message is placed in a newly created text file named 'restore_file.txt'.

Demands Details

According to the note, the attackers have not only encrypted the victim's files but have also deleted all backups and, at the same time, collected sensitive information from the compromised systems. If victims wait too long to initiate contact with the hackers, their data will be released for free on the Dark Web. To get additional instructions, users are supposed to message the email address mentioned in the note, 'grepmord@protonmail.com'. No alternative communication channels are mentioned.

The full text of the note is:

'----------- [ Hello! ] ------------->

What happend?

Your computers and servers are encrypted, backups are deleted from your network and copied. We use strong encryption algorithms, so you cannot decrypt your data.
But you can restore everything by purchasing a special program from us - a universal decoder. This program will restore your entire network.
Follow our instructions below and you will recover all your data.
If you continue to ignore this for a long time, we will start reporting the hack to mainstream media and posting your data to the dark web.

What guarantees?

We value our reputation. If we do not do our work and liabilities, nobody will pay us. This is not in our interests.
All our decryption software is perfectly tested and will decrypt your data. We will also provide support in case of problems.
We guarantee to decrypt one file for free. email us.

How to contact us?

You can write us to our mailbox : grepmord@protonmail.com

!!! DANGER !!!
DO NOT MODIFY or try to RECOVER any files yourself. We WILL NOT be able to RESTORE them.
!!! DANGER !!
'
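A triage sweep built on the indicators described above (the '.blue' extension, the 'restore_file.txt' note and the contact address), as an added example that is not part of the original write-up. The function names, the rule that both indicators are needed for a "likely" verdict, the UTF-16 check and the sample tree are assumptions of this example.

```python
import os
import tempfile

# Indicators quoted in this write-up.
ENCRYPTED_EXT = ".blue"
NOTE_NAME = "restore_file.txt"
NOTE_MARKERS = ("grepmord@protonmail.com", "[ Hello! ]")

def note_matches(path, max_bytes=65536):
    """True if the file contains text quoted from the ransom note."""
    try:
        with open(path, "rb") as fh:
            data = fh.read(max_bytes)
    except OSError:
        return False  # unreadable: skip instead of aborting the sweep
    # Assumption: Windows text files may be UTF-16, so search both encodings.
    return any(m.encode(enc) in data
               for m in NOTE_MARKERS for enc in ("utf-8", "utf-16-le"))

def scan(root):
    """Return (note_paths, marked_paths) found under root."""
    notes, marked = [], []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if name.lower() == NOTE_NAME and note_matches(full):
                notes.append(full)
            elif name.lower().endswith(ENCRYPTED_EXT):
                marked.append(full)
    return sorted(notes), sorted(marked)

def verdict(notes, marked):
    """'.blue' alone can be benign, so 'likely' requires both indicators."""
    if notes and marked:
        return "likely"
    return "review" if notes or marked else "clean"

def demo():
    """Run the sweep over a constructed sample tree (no real malware output)."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "docs"))
        open(os.path.join(root, "docs", "report.pdf.blue"), "wb").close()
        with open(os.path.join(root, "restore_file.txt"), "w", encoding="utf-16-le") as fh:
            fh.write("You can write us to our mailbox : grepmord@protonmail.com")
        notes, marked = scan(root)
        return len(notes), len(marked), verdict(notes, marked)

if __name__ == "__main__":
    print(demo())
```

A file named 'restore_file.txt' that lacks the quoted note text is not counted, which keeps unrelated files with that name out of the results.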