Exploit6 Ransomware

The Exploit6 Ransomware threat is designed specifically to lock the data of its victims. Malware of this type carries strong encryption routines that target a wide range of file types. When activated, ransomware threats will scan the breached devices for any documents, PDFs, pictures, archives, databases, etc., and leave them in a completely unusable state. Although restoration of the encrypted data could be possible, without knowing the proper decryption keys it is not a realistic option.

Exploit6 appends '.exploit6' to the names of the files it locks as a new extension. A ransom note will be delivered to the infected systems as a text file named 'READMI.txt.' The message is rather brief and lacks many crucial details. Affected victims are simply instructed to send an SMS to the Telegram account of the attackers at '@root_exploit6.' According to the note, Exploit6 Ransomware's victims have only 1 chance to enter the correct code. If they fail to do so, the encrypted files will apparently be corrupted and become unsalvageable.

The full text of the hackers' instructions is:

'Attention! All your files are encrypted!
To restore your files and access them,
send an SMS with the text - to the User Telegram @root_exploit6

You have 1 attempts to enter the code. If this
amount is exceeded, all data will irreversibly deteriorate. Be
careful when entering the code!

Glory'