Inferno Ransomware
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 100 % (High) |
| Infected Computers: | 6 |
| First Seen: | October 27, 2021 |
| Last Seen: | December 7, 2021 |
| OS(es) Affected: | Windows |
Infosec researchers discovered a new threatening malware named Inferno Ransomware. The threat is a variant based on the previously detected Avaddon Ransomware threat. It is equipped with a strong encryption process that locks numerous file types. Victims will lose access to both their personal and business-related documents, databases, archives, PDFs, etc. Each encrypted file will have '.avdn' appended to its name as a new extension. Finally, the threat will drop a ransom note on the infected system. The instructions from the hackers will be delivered as an HTML file named '210201-readme.html.'
Table of Contents
Ransom Note’s Details
The note displayed to the victims begins with an image of a painting by the French artist Gustave Doré. The painting depicts a scene from Dante Alighieri's Divine Comedy. The inclusion of the image offers little comfort to the victims of the threat who are trying to figure out how to restore their data. The Inferno Ransomware hackers then continue by stating that the affected users will have to buy a decryption tool named Inferno General Decryptor from them. To get the necessary details about making the ransom payment, victims are directed towards visiting the hacker group's website hosted on the TOR network. The ransom note concludes with a section containing several warnings such as not modifying the locked files followed by a quote from Voltaire.
The Inferno Ransomware instructions are:
'Gustave Doré, engraving illustrating Canto XVII of Divine Comedy, Inferno, by Dante Alighieri; caption: The Descent of the Abyss on Geryon's Back; in Dante Alighieri, The Divine Comedy: the Inferno, Purgatorio, and Paradiso, trans.: Lawrence Grant White," by ancientartpodcast.org is licensed with CC BY 2.0.
Your network has been infected by Inferno
All your documents, photos, databases and other important files have been encrypted and you are not able to decrypt it by yourself. But don't worry, we can help you to restore all your files!The only way to restore your files is to buy our special software - Inferno General Decryptor. Only we can give you this software and only we can restore your files!
You can get more information on our page, which is located in a Tor hidden network.
How to get to our page
Download Tor browser - hxxps://www.torproject.org/
Install Tor browser
Open link in Tor browser - infernoyrxlapxaiq.onion
Follow the instructions on this pageYour ID:
DO NOT TRY TO RECOVER FILES YOURSELF!
DO NOT MODIFY ENCRYPTED FILES!
OTHERWISE, YOU MAY LOSE ALL YOUR FILES FOREVER!
"Now, now my good man, this is no time to be making enemies. (Voltaire on his deathbed in response to a priest asking him that he renounce Satan.)"
Voltaire'
SpyHunter Detects & Remove Inferno Ransomware
File System Details
| # | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|---|
| 1. | file.exe | e32ce42c1d936899e696a89900a02219 | 3 |
