Codnat Ransomware

The Codnat Ransomware is a newly discovered file-encrypting Trojan. After a quick look, it became evident that this piece of malware is not that 'new' but is, in fact, a variant of the popular STOP Ransomware (also called the Djvu Ransomware).

It is widely believed that this ransomware threat may be propagated via spam emails, fraudulent updates and pirated software. This piece of malware will scan your computer once it infiltrates it successfully. Then, the file types targeted will be located by the Codnat Ransomware. The creators of the Codnat Ransomware have programmed it to target a large variety of files such as documents, photos, databases, audio files, etc. After undergoing encryption, the names of the files would have an added extension to them '.codnat.' Then, the Codnat Ransomware drops its ransom note, which is called '_readme.txt.' The note starts with 'ATTENTION!' and then goes on with 'Don't worry my friend, you can return all your files!' Then, the attackers state that they have used the 'strongest encryption' to lock the user's data and let them know that the only way to retrieve their files, supposedly, is to pay up the ransom fee. The authors of the Codnat Ransomware offer to unlock one file for free so that they can prove that they have a decryption tool available. The ransom fee demanded is $980 but, if the victim gets in touch within 72 hours of the attack, the cyber crooks will offer them 50% discount, and they would 'only' have to pay $490. Then, they go on to provide the user with two email addresses – mosteros@firemail.cc and gorentos@bitmessage.ch. They also can be contacted via Telegram @datarestore.

We would strongly recommend you to avoid cybercriminals like the plague. They are known tricksters with shady morals. Instead, you should obtain a reputable anti-malware tool and clear your computer of this pesky threat.