Cl Ransomware Description
The Cl Ransomware is yet another potent ransomware threat classified as part of the prolific family of malware based on the Dharma Ransomware. As a result, it deviates only slightly from the norm for variants stemming from the Dharma Ransomware. However, that doesn't make it less threatening. Upon successful infiltration, the Cl Ransomware encrypts the files stored on the computer with a strong cryptographic algorithm and demands a certain amount of money to be paid by the victims if they want to receive the decryption key needed for the restoration of the data.
Any file that has been encrypted by the Cl Ransomware will have its original filename changed to follow a specific pattern - unique ID for the victim, email address of the hackers, and '.cl' as a new extension will be appended to the original name of the file. For example, if the file was named 'Picture1.png' previously, it will be changed to 'Picture1.png.[Victim's ID].email@example.com'. The ransom note with instructions left by the cybercriminals will be dropped as a text file named 'FILES ENCRYPTED.txt' in every folder containing an encrypted file, while another note will be displayed in a pop-up window on the device's screen. Two email addresses for contact are provided. The primary one is firstname.lastname@example.org, while email@example.com should be used if there has been no response by the hackers within 12 hours.
The text contained in the 'Files Encrypted.txt' file is:
'all your data has been locked us
You want to return?
write email firstname.lastname@example.org or email@example.com.'
The text of the pop-up window is:
'YOUR FILES ARE ENCRYPTED
Don't worry,you can return all your files!
If you want to restore them, follow this link:email firstname.lastname@example.org YOUR ID -
If you have not been answered via the link within 12 hours, write to us by e-mail:email@example.com
Do not rename encrypted files.
Do not try to decrypt your data using third party software, it may cause permanent data loss.
Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a tactic'