
DATAF LOCKER Ransomware

Cybersecurity experts have identified a new variant of the Babuk ransomware family called DATAF LOCKER. This malicious software is designed to block access to data by encrypting it and then demanding a ransom for decryption and recovery. After the encryption process, researchers noted that each file's name was altered to include the '.dataf' extension. For example, a file named '1.jpg' would be renamed '1.jpg.dataf'. Additionally, a text file named 'How To Restore Your Files.txt', containing a ransom note with instructions, was created on the breached devices.
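The two file indicators described above (the appended '.dataf' extension and the 'How To Restore Your Files.txt' note) can be swept for during triage to scope which directories were hit. The script below is an added example, not code from the original page; the function names, the report layout and the sample tree are constructed for illustration, and the timestamp estimate rests on the assumption stated in the comment.

```python
import os
from collections import defaultdict
from datetime import datetime, timezone

ENCRYPTED_SUFFIX = ".dataf"                    # extension named on the page
RANSOM_NOTE = "How To Restore Your Files.txt"  # note filename named on the page


def triage(root):
    """Summarise DATAF LOCKER file indicators under root, per directory."""
    hits = defaultdict(lambda: {"encrypted": [], "note": False})
    earliest = None
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            lower = name.lower()
            if lower == RANSOM_NOTE.lower():
                hits[dirpath]["note"] = True
            elif lower.endswith(ENCRYPTED_SUFFIX) and len(name) > len(ENCRYPTED_SUFFIX):
                # The suffix is appended, so the original name is the prefix.
                hits[dirpath]["encrypted"].append(name[:-len(ENCRYPTED_SUFFIX)])
            else:
                continue
            try:
                mtime = os.stat(os.path.join(dirpath, name)).st_mtime
            except OSError:
                continue  # file vanished or unreadable; the name hit is kept
            earliest = mtime if earliest is None else min(earliest, mtime)
    return {
        "directories": dict(hits),
        "encrypted_total": sum(len(v["encrypted"]) for v in hits.values()),
        "note_dirs": sorted(d for d, v in hits.items() if v["note"]),
        # Assumption: the malware does not restore timestamps, so the oldest
        # mtime among hits approximates when encryption started.
        "earliest_utc": None if earliest is None
        else datetime.fromtimestamp(earliest, tz=timezone.utc).isoformat(),
    }


def build_sample(root):
    """Create a small constructed tree of empty files for demonstration."""
    layout = {"docs": ["1.jpg.dataf", "report.docx.dataf", RANSOM_NOTE],
              "clean": ["notes.txt"]}
    for folder, names in layout.items():
        os.makedirs(os.path.join(root, folder), exist_ok=True)
        for name in names:
            open(os.path.join(root, folder, name), "w").close()
```

Run `triage()` against a mounted image or a read-only share rather than the live system where possible, so the sweep itself does not alter file metadata.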

The message from the hackers states that the data on the victims' computers and servers has been encrypted and that backups were also deleted in the process. To restore everything, the impacted users or organizations are told to purchase a decryption program by paying a ransom. The threat actors guarantee that their software tool will decrypt the data and also claim to be willing to provide support if needed.

Furthermore, they offer free decryption of one chosen file as proof of their ability to restore the affected data. They can be reached via a dedicated website that can be accessed only via the Tor Browser. Victims are instructed to use the provided chat credentials. It is important to remember not to modify or try to recover files using third-party tools, as doing so may render the data unrecoverable. The attackers also warn victims that refusal to pay the demanded ransom will result in sensitive data stolen from the infected devices being leaked to the public.

The full text of DATAF LOCKER Ransomware's ransom note is:

----------- [ Hello! ] ------------->

       ****BY DATAF L**OCKER****

What happend?

Your computers and servers are encrypted, backups are deleted from your network and copied. We use strong encryption algorithms, so you cannot decrypt your data.
But you can restore everything by purchasing a special program from us - a universal decoder. This program will restore your entire network.
Follow our instructions below and you will recover all your data.
If you continue to ignore this for a long time, we will start reporting the hack to mainstream media and posting your data to the dark web.

What guarantees?

We value our reputation. If we do not do our work and liabilities, nobody will pay us. This is not in our interests.
All our decryption software is perfectly tested and will decrypt your data. We will also provide support in case of problems.
We guarantee to decrypt one file for free. Go to the site and contact us.

How to contact us?

Using TOR Browser ( hxxps://www.torproject.org/download/ ):
tor chat: hxxp://tiurksxrhrefu6uzunlkpugr5rzejfeptxr4pauvsyzp4mlzuqmiatad.onion/feDJtT2hZC5X2ICH2Qq8
login:

Password:

!!! DANGER !!!
DO NOT MODIFY or try to RECOVER any files yourself. We WILL NOT be able to RESTORE them.
!!! DANGER !!
