Dusk Ransomware
The Dusk Ransomware is a crypto locker threat that has, so far, not been classified as belonging to any of the pre-existing ransomware families. That doesn't make it any less threatening, though. Once inside the user's computer, the Dusk Ransomware will encrypt nearly all of the files stored on it with a potent cryptographic algorithm rapidly. Users will find that they can no longer access all of their files - documents, PDFs, audio, music, video, etc. All of the locked files will have '.Dusk' appended to their original names as a new extension. The Dusk Ransomware delivers its ransom note in the form of text files named '!#!READ-ME!#.txt.'
According to the instructions, the victims of the Dusk Ransomware are expected to pay a $50 ransom if they want to recover their files from the hackers. The payment must be made using Bitcoin, arguably the most popular cryptocurrency. Bitcoin's exchange rate is notoriously unstable, but at the current prices, the ransom amounts to 0.0031 BTC. After completing the transaction, victims are told to initiate communication by sending a message to the provided email address at cyber.'duskfly@protonmail.com.'
The full text of the Dusk Ransomware's note is:
'------------------------------
____ __ _____ __ __
/ __ \/ / / / ___/ / /. /_/
/ / / / / / /\__ \/ ,<
/ /_/ / /_/ /___/ / / | |
/_____/\____//__/_/ |_|
------------------------------
Dusk v1.0
YOUR FILES ARE ENCRYPTED!
------------------------------
If you want to recover them follow these steps:
1. Send $50 to this address:
BTC: 1EiGoumJiBNJszEzTzasmQhCVaEYDDEbuo
2. Send email to:
cyber.duskfly@protonmail.com
3. Enjoy!
------------------------------
Do not waste your time trying recover your files using third party services! Only we can do that.'
