Giuliano Ransomware

The Guiliano Ransomware is a piece of threatening malware designed to lock the files of its victims. The threat can affect a wide range of file types, including audio, video, images, documents, PDFs, archives, databases and more. The Guiliano Ransomware's victims will discover that they can no longer access or use any of their personal or work-related files. It appears that the threat is designed to target Italian-speaking users specifically. One indicator for this is the ransom note that is written entirely in Italian without any translations into other languages.

As part of its harmful actions, the threat will append '.Guiliano' to the name of each locked file. It also will change the default desktop wallpaper of the breached system with one of its own. Finally, the ransom-demanding message will be dropped as a text file named 'README.txt.'

Guiliano Ransomware's Demands

The new wallpaper contains a short message in Italian warning the victims of the threat that all of their files have been encrypted and that they will have to open the 'README.txt' to learn how to restore their data. The proper ransom note doesn't mention anything about making a ransom payment to the hackers. Instead, it lists 4 steps that include opening a provided Web address and filling the form found there. The attackers then promise to send the necessary decryptor software tool that can unlock the files.

The full text of the note in its original Italian is:

'Giuliano

OH NO! Tutti i tuoi file sono stati criptati con un algoritmo di criptazione (AES-256) quasi impossibile da decrittare. Vuoi riavere indietro i tuoi file? Segui questi semplici step:Vai al sito vichingo455.github.io/Giuliano/index.html

Compila il form

Ti inviero il decriptor. Eseguilo

Attendi per ottenere i file indietro'