Hard2decrypt Ransomware

Hard2decrypt Ransomware Description

The Hard2decrypt Ransomware is the name given to a new variant of the previously detected WastedLocker Ransomware. No major deviation from the expected behavior of threats from this family can be observed in Hard2decrypt. It acts as typical ransomware - after infiltrating the computer of the target, it proceeds to encrypt the files stored on it with a powerful encryption algorithm. Each file locked in this manner will have '.hard2decrypt' appended to its original filename as a new extension. Instead of dropping a single text file containing the criminals' ransom note, Hard2decrypt creates a separate text file for each encrypted file. The names of the ransom files are created by adding '_readme' to the name of the corresponding user file.

The instructions provided by the criminals are extremely brief. They simply tell their victims to send an email to one of the four provided email addresses - 'albert9957@protonmail.com,' 'ashton8040@msgsafe.io,' 'branden4505@airmail.cc,' 'santino3046@tutanota.de.' There is no indication of the specific amount that the hackers demand in exchange for the restoration of the encrypted files. The note doesn't mention if the sum should be in the form of Bitcoin or another cryptocurrency.

The ransom note of the Hard2decrypt Ransomware is:

'All your systems are encrypted now.

Contact us to get details:

albert9957@protonmail.com

ashton8040@msgsafe.io

branden4505@airmail.cc

santino3046@tutanota.de

Key:

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.


HTML is not allowed.