Blue Locker Ransomware

Blue Locker Ransomware Description

Type: Ransomware

The Blue Locker Ransomware is malware designed specifically to target its victim's data and render it inaccessible. This threatening goal is achieved via a strong encryption process employing an uncrackable cryptographic algorithm. Victims will find that they can no longer open or use their documents, PDFs, archives, photos, databases, etc. The attackers will then extort the affected users for money in exchange for the required decryption key.

As part of its actions, the threat also will mark each encrypted file. It does so by appending a new file extension - '.blue,' to the original names of the files. When all suitable data has been locked, the Blue Locker will deliver a ransom note with instructions for its victims. The message will be placed in a newly-created text file named 'restore_file.txt.'

Demands Details

According to the note, the attackers have not only encrypted the victim's files but also have deleted all backups, while collecting sensitive information from the compromised systems simultaneously. If victims wait too long to initiate contact with the hackers, their data will be released for free on the Dark Web. To get additional instructions, users are supposed to message the email address mentioned in the note - 'grepmord@protonmail.com.' No alternative communication channels are mentioned.

The full text of the note is:

'----------- [ Hello! ] ------------->

What happend?

Your computers and servers are encrypted, backups are deleted from your network and copied. We use strong encryption algorithms, so you cannot decrypt your data.
But you can restore everything by purchasing a special program from us - a universal decoder. This program will restore your entire network.
Follow our instructions below and you will recover all your data.
If you continue to ignore this for a long time, we will start reporting the hack to mainstream media and posting your data to the dark web.

What guarantees?

We value our reputation. If we do not do our work and liabilities, nobody will pay us. This is not in our interests.
All our decryption software is perfectly tested and will decrypt your data. We will also provide support in case of problems.
We guarantee to decrypt one file for free. email us.

How to contact us?

You can write us to our mailbox : grepmord@protonmail.com

!!! DANGER !!!
DO NOT MODIFY or try to RECOVER any files yourself. We WILL NOT be able to RESTORE them.
!!! DANGER !!
'

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.