Delta Team Ransomware
The Delta Team Ransomware is another potent malware threat that aims to block users from accessing their own information. The threat aims to infiltrate the victim's computers and then encrypt the files stored there with a strong cryptographic algorithm. All common file types will be affected - documents, pictures, photos, archives, databases, etc.
Whenever a file is encrypted, a new extension will be appended to its original name. In the case of the Delta Team Ransomware, the extension is the email address of the hackers - '.deltapaymentbitcoin@gmail.com.' A ransom note will then be delivered to the compromised system in the form of a text file named 'FILES ENCRYPTED.txt.'
After analyzing the code of the threat, infosec researchers were able to unearth a hardcoded decryption password ('doydoo21'). Such critical flaws in malware threats usually lead to the creation of free decryption tools. However, for now, no such programs have been released for this particular threat. Therefore, the victims of the Delta Team Ransomware may have to wait for a while longer.
Ransom Note's Details
The ransom note of the threat reveals that its operators demand to be paid a ransom of exactly $1800. The sum must be transferred to the attacker's crypto-wallet address and be paid using the Bitcoin crypto-currency. After sending the money, affected users are instructed to contact the hackers via the provided email address. It should be noted that according to the instructions, victims who establish contact within the first 24 hours will need to pay only half of the ransom amount or $900.
However, as mentioned earlier, the Delta Team Ransomware features a critical flaw that has allowed cybersecurity experts to access a hardcoded decryption password. It remains to be seen if the discovery will lead to the creation of a free decryptor tool that will be able to restore the files of the victims without the need for any assistance from the Delta Team ransomware hackers.
The full text of the ransom note is:
'You Are Hacked….!
ATTENTION!
Don't worry, you can return all your files!
All your files like pictures, databases, documents,aplications and other are encrypted with
strongest encryption and with unique key.
The only method of recovering files is to purchase decryption software and his key for you.
This decryption software will dycrypt all your encrypted files and also your computer come in his good condition.
Price of decryption key and decrypt software is $1800, but discount 50% will apply(means you pay only $900.), if you contact us within 1day(24 hours).
There are only 1 method for paying money to us, only BitCoin
You have 24 hours to transfer 0,019 BTC to wallet: bc1q2n23xxx2u8hqsnvezl9rewh2t8myz4rqvmdzh2
Our Email - deltapaymentbitcoin@gmail.com
Copy This line and email us - and give me wallet address.
Warning - contact within 24 hours for pay only $900, otherwise you charge $1800 for dycryption key and software
After email we will in Some time, reply you and give you wallet address.
and then after successfull payment , we will send you decryption software link and decryption key to your replyed email.
Caution - if You Change any encrypted file name (remove his .deltapaymentbitcoin@gmail.com extention), then you won't be able to decrypt this file.
Our email for your contactdeltapaymentbitcoin@gmail.com
Delta_Team 🙂
Your id (save it, its very important) -'
