Byya Ransomware

Byya Ransomware Description

The Byya Ransomware threat is another threatening variant that belongs to the STOP/Djvu Ransomware family. Although the threat is for the most part identical to the other variants released by cybercriminals, it can still wreak havoc on the infected computers or devices. The Byya Ransomware will initiate an encryption process that will leave the vast majority of the data found on the breached system in an unusable state.

Upon encrypting a targeted file, the threat also will modify that file's original name. More specifically, the malware will append '.byaa' to the filenames as a new extension. Another change to the system will be the creation of a new text file named '_readme.txt.' Inside the file, victims of the threat will find a ransom note with instructions from the attackers

Ransom Note's Details

In general, the ransom-demanding message of Byya Ransomware follows closely the established STOP/Djvu pattern. The threat states that restoration of the locked files is only possible after receiving the decryption keys and the software tool from the hackers. To do so, victims are extorted into paying a ransom of $980. If contact with the cybercriminals is established within 72 hours of the breach, the sum of the ransom will supposedly be decreased by 50% to $490. Affected users also are told that they can attach a single encrypted file to their messages, which will be unlocked for free. According to the ransom note, two email addresses can be used for this purpose - 'manager@time2mail.ch' and 'supportsys@airmail.cc.'

The full text of the note left by Byya Ransomware is:

'ATTENTION!

Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
hxxps://we.tl/t-2w6I3WpXEh
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.

To get this software you need write on our e-mail:
manager@time2mail.ch

Reserve e-mail address to contact us:
supportsys@airmail.cc

Your personal ID:'