Threat Database Ransomware Bozon Ransomware

Bozon Ransomware

Threat Scorecard

Threat Level: 100 % (High)
Infected Computers: 2
First Seen: April 18, 2022
OS(es) Affected: Windows

Having your computer infected with the Bozon Ransomware threat can have dire consequences. Indeed, this piece of threatening software is capable of affecting numerous file types and leaving them in an unusable and inaccessible state. Like most ransomware operations, the goal of the cybercriminals responsible for spreading Bozon is to extort money from their victims.

Once the threat has initiated its invasive programming, it will scan the files stored on the system, encrypt them with a strong cryptographic algorithm, and append '.bozon' as a new extension to their original file names. Afterward, a text file named 'FILE RECOVERY.txt' will be created on the system's desktop. The file will contain a ransom note with instructions from the threat actors.

Ransom Note’s Details

The ransom-demanding message left by the Bozon Ransomware doesn't reveal the exact amount of money that the attackers want to receive. Apparently, the ransom will be determined on an individual basis after the victims have established contact and messaged the hackers. The note provides only the email address 'mallox@tutanota.com' as a viable communication channel. Affected users are instructed that their initial email must contain the ID string found in the note. According to the note, the cybercriminals will decrypt a couple of files for free as a demonstration of their ability to restore all locked data. The chosen files, however, must not contain valuable information.

The full text of the message left by Bozon Ransomware is:

'Your files are encrypted!
Your personal ID:

To decrypt, follow the instructions below.
To recover data you need decrypt tool.
To get the decrypt tool you should:

Send 1 crypted test image or text file or document to mallox@tutanota.com
In the letter include your personal ID (look at the beginning of this document). Send me this ID in your first email to me.
We will give you free test for decrypt few files (NOT VALUE) and assign the price for decryption all files.
After we send you instruction how to pay for decrypt tool and after payment you will receive a decrypt tool and instructions how to use it.
We can decrypt few files in quality the evidence that we have the decoder.
'

SpyHunter Detects & Remove Bozon Ransomware

File System Details

Bozon Ransomware may create the following file(s):
# File Name MD5 Detections
1. file.exe 4a37efca5db6dd9817cdf5adb696bc51 2

Trending

Most Viewed

Loading...