Erqw Ransomware
The Erqw Ransomware is a hurtful threat that can compromise the security of its victims' data by encrypting it and adding the '.erqw' extension to their filenames. Upon encrypting the data, the Erqw Ransomware creates a '_readme.txt' file that serves as a ransom note.
The Erqw Ransomware belongs to the STOP/Djvu family, which is known for sometimes being distributed alongside other malware, such as RedLine, Vidar or information-collecting malware. This makes the threat even more serious, as the victim's confidential information may be collected in addition to the encrypted files. This underscores the need for individuals and organizations to stay informed about the latest ransomware threats and take steps to protect themselves.
The Demands of the Erqw Ransomware
According to the information contained in the Erqw ransomware's ransom note, it is clear that the encrypted files cannot be decrypted without the use of specialized decryption software and a unique key that is only in possession of the attackers. To communicate with the attackers and obtain the decryption tools, victims are instructed to send an email within 72 hours to either support@freshmail.top or datarestorehelp@airmail.cc. The ransom note also claims that victims who act quickly and contact the threat actors within the specified timeframe will be able to purchase the decryption tools for a lower price of $490 rather than $980.
Contacting Cybercriminals is Extremely Risky
There are several reasons why ransomware victims should not contact cybercriminals or pay a ransom:
- No guarantee of decryption: Even if a ransom is paid, the cybercriminals may not provide the decryption key or software needed to restore the encrypted files. In some cases, victims have paid the ransom but have not received the promised decryption tools.
- Encouraging illegal activity: Paying a ransom to cybercriminals funds their illegal activities and incentivizes them to continue targeting victims with ransomware attacks.
- Risk of further attacks: By contacting cybercriminals, victims run the risk of exposing their systems to additional attacks, as the attackers may use the opportunity to collect sensitive information or install other threatening software.
In conclusion, it is best to avoid any communication with cybercriminals and not to pay them any amount of money, as this is not a guaranteed solution and only serves to encourage and fund illegal activities. Instead, victims of a ransomware attack should focus on restoring their data from backups and strengthening their security measures to prevent future incidents.
The full text of Erqw Ransomware's note is:
'ATTENTION!
Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
hxxps://we.tl/t-8pCGyFnOj6
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.To get this software you need write on our e-mail:
support@freshmail.topReserve e-mail address to contact us:
datarestorehelp@airmail.ccYour personal ID:'
