Hinduism Ransomware

Although the Hinduism Ransomware appears to be just another variant without any major improvements, Hinduism's potency to cause destruction on the infected computers shouldn't be underestimated. The Hinduism Ransomware is a threat from the Makop Ransomware family. The threat initiates a strong encryption process involving an uncrackable cryptographic algorithm to lock the files stored on the device. All files affected by the threat will have their original names changed drastically. The Hinduism Ransomware will append to them a string of characters acting as a unique ID for the victim, an email address under the control of its operators, and finally '.hinduism' as a new extension. The email address is 'hinduism0720@tutanota.com.' Following the completion of its encryption routine, the threat will drop a ransom note as a text file named 'readme-warning.txt.'

Ransom Note Details

Opening the message reveals the instructions left by the cybercriminals. Apparently, to provide their victims with the decryption tool necessary for the restoration of the files, they want to be paid a ransom in Bitcoin. Bitcoin is arguably the most well-known cryptocurrency and is a common choice of ransomware operators. The hackers also state that they will demonstrate their ability to unlock the affected files. Victims can send two encrypted files via an email message. However, the files have to meet a couple of requirements. First, they must have simple extensions so no archives or databases, and secondly, they must be less than 1MB in size. The ransom note mentions three different email addresses that can be used to reach the hackers - 'hinduism0720@tutanota.com,' 'pecunia0318@protonmail.ch,' and 'pecunia0318@goat.si.'

The full text of the ransom message is:

'::: Greetings :::

Little FAQ:
.1.
Q: Whats Happen?
A: Your files have been encrypted and now have the "hinduism" extension. The file structure was not damaged, we did everything possible so that this could not happen.

.2.
Q: How to recover files?
A: If you wish to decrypt your files you will need to pay in bitcoins.
.3.
Q: What about guarantees?
A: Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will cooperate with us. Its not in our interests.
To check the ability of returning files, you can send to us any 2 files with SIMPLE extensions(jpg,xls,doc, etc… not databases!) and low sizes(max 1 mb), we will decrypt them and send back to you. That is our guarantee.

.4.
Q: How to contact with you?
A: You can write us to our mailbox: hinduism0720@tutanota.com or pecunia0318@protonmail.ch or pecunia0318@goat.si

.5.
Q: How will the decryption process proceed after payment?
A: After payment we will send to you our scanner-decoder program and detailed instructions for use. With this program you will be able to decrypt all your encrypted files.

.6.
Q: If I don’t want to pay bad people like you?
A: If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause only we have the private key. In practice - time is much more valuable than money.

:::BEWARE:::
DON'T try to change encrypted files by yourself!
If you will try to use any third party software for restoring your data or antivirus solutions - please make a backup for all encrypted files!
Any changes in encrypted files may entail damage of the private key and, as result, the loss all data.