Coaq Ransomware
Cybersecurity researchers warn users about a new dangerous ransomware threat called Coaq. This particular variant functions by encrypting files and then adding the '.coaq' extension to the filenames. Additionally, Coaq generates a ransom note file named '_readme.txt.' Considering the fact that Coaq has been confirmed as a variant from the STOP/Djvu Ransomware family, it is highly possible that additional malware has been deployed to the breached devices alongside. Operators of STOP/Djvu threats have been observed also to use other types of malware, such as RedLine, Vidar or other data-stealing threats.
The Coaq Ransomware Leaves Victims Unable to Access Their Data
The ransom note of Coaq contains two email addresses ('datarestorehelp@airmail.cc' and 'support@freshmail.top'), along with a recommendation to contact the attackers within 72 hours. The objective of this is to dissuade the victims from paying a higher fee of $980 for decryption tools, which is twice the original price of $490.
In addition, the ransom note stresses that the decryption of files is impossible without purchasing the decryption software and a unique key. The attackers propose a solution for the victims to send a file for free decryption prior to making any payment.
It is crucial to note that paying the ransom is not a recommended course of action. There have been numerous cases where victims have paid the ransom to cybercriminals, only to receive no decryption tool.
Protect Your Devices from Threats Like the Coaq Ransomware
Protecting devices and data from ransomware threats requires a multifaceted approach. Firstly, users should ensure that they keep their operating systems, software, and antivirus software up to date. Regular updates ensure that vulnerabilities and security flaws are patched and fixed, making it more difficult for cybercriminals to exploit them.
Secondly, users should exercise caution while browsing the internet or opening emails from unknown sources. It is essential to avoid clicking on links or downloading attachments from unverified sources, as these could contain malware that can infect the device.
Thirdly, users should make use of strong, unique passwords and enable two-factor authentication wherever possible. Password managers can be used to generate and store complex passwords securely.
Finally, regular backups of critical data should be performed and stored securely. Backups should be stored in a separate location from the primary device and network, such as on an independent hard drive or in the cloud.
Remain vigilant and educate yourself about the latest ransomware threats and attack methods, as cybercriminals continually evolve and adapt their tactics. By adopting these measures and staying informed, users can significantly reduce the risk of falling victim to a ransomware attack.
Coaq Ransomware's ransom note to its victims is:
'ATTENTION!
Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
hxxps://we.tl/t-hhA4nKfJBj
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.To get this software you need write on our e-mail:
support@freshmail.topReserve e-mail address to contact us:
datarestorehelp@airmail.ccYour personal ID:'
