Threat Database Ransomware Cl Ransomware

Cl Ransomware

By GoldSparrow in Ransomware

The Cl Ransomware is yet another potent ransomware threat classified as part of the prolific family of malware based on the Dharma Ransomware. As a result, it deviates only slightly from the norm for variants stemming from the Dharma Ransomware. However, that doesn't make it less threatening. Upon successful infiltration, the Cl Ransomware encrypts the files stored on the computer with a strong cryptographic algorithm and demands a certain amount of money to be paid by the victims if they want to receive the decryption key needed for the restoration of the data.

Any file that has been encrypted by the Cl Ransomware will have its original filename changed to follow a specific pattern - unique ID for the victim, email address of the hackers, and '.cl' as a new extension will be appended to the original name of the file. For example, if the file was named 'Picture1.png' previously, it will be changed to 'Picture1.png.[Victim's ID].cl_crypt@aol.com.cl'. The ransom note with instructions left by the cybercriminals will be dropped as a text file named 'FILES ENCRYPTED.txt' in every folder containing an encrypted file, while another note will be displayed in a pop-up window on the device's screen. Two email addresses for contact are provided. The primary one is cl_crypt@aol.com, while cl_crypt2@aol.com should be used if there has been no response by the hackers within 12 hours. 

The text contained in the 'Files Encrypted.txt' file is:

'all your data has been locked us

You want to return?

write email cl_crypt@aol.com or cl_crypt2@aol.com.'

The text of the pop-up window is:

'YOUR FILES ARE ENCRYPTED

Don't worry,you can return all your files!

If you want to restore them, follow this link:email cl_crypt@aol.com YOUR ID -

If you have not been answered via the link within 12 hours, write to us by e-mail:cl_crypt2@aol.com

Attention!

Do not rename encrypted files.

Do not try to decrypt your data using third party software, it may cause permanent data loss.

Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a tactic'

Related Posts

Trending

Most Viewed

Loading...