BTC (VoidCrypt) Ransomware

Cybersecurity researchers have identified a new ransomware variant from the infamous VoidCrypt Ransomware family. The threat is tracked as BTC (VoidCrypt) Ransomware and can inflict serious damage on the computers it manages to infect. By executing an encryption routine with an uncrackable cryptographic algorithm, the malware effectively locks users out of their own data. BTC (VoidCrypt) can encrypt documents, PDFs, databases, archives, images, photos and other file types.

Whenever the threat processes a file, it modifies the original name significantly. The threat first generates a unique ID string and attaches it to all encrypted files. Next, BTC (VoidCrypt) adds an email address controlled by its operators, 'RansomwareSupport@ZohoMail.com.' Finally, '.BTC' is appended to the file names as a new file extension. Victims will also notice that a new text file has appeared on the desktop of the breached devices. The file is named 'unlock-info.txt' and contains a ransom note detailing the demands of the attackers.

Ransom Note's Overview

The ransom-demanding message specifies that the attackers will accept ransom payments made in the Bitcoin cryptocurrency only. The exact sum is not mentioned, but the attackers state that victims who contact them faster will receive better terms. Affected users will find two email addresses inside the note. One is the aforementioned 'RansomwareSupport@ZohoMail.com,' while the other is 'Zeini.p73@gmail.com.' It is peculiar that the ransomware operators have decided to use a Gmail address as a communication channel.

According to the instructions, victims of BTC (VoidCrypt) can send one file to be decrypted for free, likely as a demonstration that the hackers can restore all of the locked data. However, the chosen file must not contain any valuable information and should not exceed 1MB in size.

The full text of BTC (VoidCrypt) Ransomware's note is:

'All your files have been encrypted!

All your files have been encrypted due to a security problem with your PC. If you want to restore them, write us to the e-mail; RansomwareSupport@ZohoMail.com
Write this ID in the title of your message : -
In case of no answer in 24 hours write us to theese e-mails: Zeini.p73@gmail.com
You have to pay for decryption in Bitcoins. The price depends on how fast you write to us. After payment we will send you the decryption tool that will decrypt all your files.

Free decryption as guarantee
Before paying you can send us up to 1 file for free decryption. The total size of files must be less than 1Mb (non archived), and files should not contain valuable information. (databases,backups, large excel sheets, etc.)

How to obtain Bitcoins
The easiest way to buy bitcoins is LocalBitcoins site. You have to register, click 'Buy bitcoins', and select the seller by payment method and price.
hxxps://localbitcoins.com/buy_bitcoins
Also you can find other places to buy Bitcoins and beginners guide here:
hxxp://www.coindesk.com/information/how-can-i-buy-bitcoins/

Attention!
Do not rename encrypted files.
Do not try to decrypt your data using third party software, it may cause permanent data loss.
Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a scam'
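
The renaming pattern and the ransom note described above can be used to triage a file share or disk image for affected directories. The following is an added example, not code from the original article or from any vendor tool: it matches on the '.BTC' extension together with the operators' address in the file name, and on an 'unlock-info.txt' that mentions either contact address. The sample file names, including the bracket layout around the ID and address, are constructed assumptions.

```python
import os
import tempfile

# Indicators from the write-up above, lower-cased for matching.
EMAILS = ("ransomwaresupport@zohomail.com", "zeini.p73@gmail.com")
NOTE_NAME = "unlock-info.txt"

def is_encrypted_name(name):
    """.BTC extension plus the operators' address embedded in the name."""
    lower = name.lower()
    return lower.endswith(".btc") and EMAILS[0] in lower

def is_ransom_note(path):
    """Named unlock-info.txt and mentions one of the contact addresses."""
    if os.path.basename(path).lower() != NOTE_NAME:
        return False
    try:
        with open(path, "r", errors="replace") as fh:
            text = fh.read(65536).lower()
    except OSError:
        return False
    return any(addr in text for addr in EMAILS)

def scan(root):
    """Return {directory: {"encrypted": [...], "notes": [...]}} for hits only."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        hits = {"encrypted": [], "notes": []}
        for name in sorted(files):
            if is_encrypted_name(name):
                hits["encrypted"].append(name)
            elif is_ransom_note(os.path.join(dirpath, name)):
                hits["notes"].append(name)
        if hits["encrypted"] or hits["notes"]:
            report[dirpath] = hits
    return report

def demo():
    """Scan a constructed tree; the bracket layout of the name is an assumption."""
    locked = "budget.xlsx.[ID-EXAMPLE][RansomwareSupport@ZohoMail.com].BTC"
    files = {locked: "x", "wallet.btc": "benign file, no address in name",
             "unlock-info.txt": "write us to the e-mail; RansomwareSupport@ZohoMail.com"}
    with tempfile.TemporaryDirectory() as root:
        for name, body in files.items():
            with open(os.path.join(root, name), "w") as fh:
                fh.write(body)
        return scan(root)[root]

if __name__ == "__main__":
    print(demo())
```

Requiring the address in the name keeps unrelated '.btc' files out of the results, and checking the note's content avoids flagging a benign file that merely shares the name.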
