Threat Database Ransomware Hospitalhelper Ransomware

Hospitalhelper Ransomware

Infosec researchers have uncovered a ransomware threat that threatens users' computers. Named Hospitalhelper Ransomware, the threat is capable of rendering a wide array of file types unusable by locking them with a strong cryptographic algorithm. The attackers then extort their victims for money by promising to provide the necessary decryption key and software tool that could potentially restore the encrypted data.

Whenever Hospitalhelper locks a file, it also changes that file's original name. The threat appends a new file extension consisting of '.hospitalhelper,' followed by a unique ID string that was assigned to the specific victim. Finally, the malware leaves a note with instructions for its victims. The ransom-demanding message will be delivered as a text file named '!!! ALL YOUR FILES ARE ENCRYPTED !!!.TXT.'

Ransom Note's Details

In the ransom note, the attackers claim that the only way to restore the encrypted file is by paying them and getting the unique decryption key. The note doesn't mention if the ransom needs to be transferred using a specific cryptocurrency, a common trend among cybercriminals. Victims also are left with a single email address - 'hospital2021helper@getbackinthe.kitchen,' which they can use to establish contact with the attackers. Affected users can attach one locked file to their initial message that will then supposedly be decrypted for free. The ransom note ends with several warnings.

The full text of Hospitalhelper's note is:

'!!! ALL YOUR FILES ARE ENCRYPTED !!!
All your files, documents, photos, databases and other important files are encrypted.
You are not able to decrypt it by yourself! The only method of recovering files is to purchase
an unique private key.
Only we can give you this key and only we can recover your files.

To be sure we have the decryptor and it works you can send an email: hospital2021helper@getbackinthe.kitchen and decrypt one file for free.
But this file should be of not valuable!

Do you really want to restore your files?
Write to email: hospital2021helper@getbackinthe.kitchen

Your personal ID:

Attention!Do not rename encrypted files.

Do not try to decrypt your data using third party software, it may cause permanent data loss.

Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a scam.'

Trending

Most Viewed

Loading...