Threat Database Ransomware Dragon/VoidCrypt Ransomware

Dragon/VoidCrypt Ransomware

The Dragon/VoidCrypt Ransomware is a potent malware threat that is capable of causing enormous damage to any compromised computer. Although analysis showed that the Dragon/VoidCrypt Ransomware is a variant belonging to the VoidCrypt Ransomware family, users shouldn't underestimate the threat. The powerful encryption routine utilizing an uncrackable cryptographic algorithm ensures that the files locked by the Dragon/VoidCrypt Ransomware cannot be decrypted without the required decryption key. 

Victims of the Dragon/VoidCrypt Ransomware will notice that nearly all of their files have had their original names changed drastically. Indeed, the threat uses a complex naming pattern to mark the files it encrypts. An email address belonging to the hackers, followed by a unique ID string, and finally '.Dragon' will be appended to each file's original name. When the threat is done encrypting the files stored on the compromised system, it will drop its ransom note. The instructions from the hackers will be placed inside text files named 'Decrypt-me.txt.'

To supposedly send the necessary decryption key and tool to their victims, the hackers expect to receive a ransom payment. The exact sum of the money is not mentioned in the ransom note, but it is stated to use the Bitcoin cryptocurrency explicitly. Users also will have to locate a file named 'prvkey*.txt.key' (instead of the asterisk symbol the actual file may have a number in its name) and send it to the hackers via the two provided email addresses - 'ForDecrypte@mailfence.com' and 'ForHelp@cock.li.' The 'prvkey*.txt.key' file is vital for the decryption process so modifying it in any way could lead to permanent data loss. Users also can attach a couple of files that are less than 1MB in size that will supposedly be decrypted for free. 

The full text of Dragon/VoidCrypt Ransomware's instructions is:

'All Your Files Has Been Encrypted

You Have to Pay to Get Your Files Back

1-Go to C:\ProgramData\ or in Your other Drives and send us prvkey*.txt.key file , * might be a number (like this : prvkey3.txt.key)
2-You can send some file little than 1mb for Decryption test to trust us But the test File should not contain valuable data
3-Payment should be with Bitcoin
4-Changing Windows without saving prvkey.txt.key file will cause permanete Data loss

Our Email:ForDecrypte@mailfence.com

in Case of no Answer:ForHelp@cock.li'

Trending

Most Viewed

Loading...