Ety Ransomware

The Ety Ransomware is a hurtful threat, created for the sole reason of locking the data of its victims. By using a strong cryptographic algorithm, all of the files impacted by the malware will become inaccessible. Restoration of the files impacted by malware is typically impossible without having the correct decryption keys. Analysis of the Ety Ransomware showed that the threat is a variant from the Xorist Ransomware family.

Each file locked by the threat will be marked by having '.ety' attached to its original name as a new extension. Victims also will find that a new text file named 'КАК РАСШИФРОВАТЬ ФАЙЛЫ.txt' has been created on the infected device. An identical ransom note also will be displayed in a pop-up window. The text of both ransom-demanding messages is entirely in Russian, signaling that the operators of the Ety Ransomware may be targeting Russian-speaking users specifically. If the infected devices do not have support for Cyrillic languages installed, the message in the pop-up window will be shown as incoherent gibberish.

According to the delivered instructions, victims of the Ety Ransomware must contact the attackers by messaging the 'oleg8581@mail.ru' email address. The cybercriminals state that they must receive a message from their victims within a specific time frame. If the deadline passes, the decryption keys for the locked files will supposedly be deleted, and all affected data will become unrecoverable.

The full text of the ransom notes dropped by Ety Ransomware in their original Russian is:

'Ваши файлы были зашифрованны. Для того что бы расшифровать свои файлы, Вам необходимо написать нам, на адрес почты, который указан ниже.

oleg8581@mail.ru

Ждем ответа до обеда, если неполучим ответа , удаляем ключи расшифровки файлов.

Проверьте свою почту

Мы написали (письма могут уходить в спам)'