Multi-Device Licenses (Volume Discounts)

Change Region

English Português
Threat Database Ransomware Instabot Ransomware

Instabot Ransomware

By GoldSparrow in Ransomware
Translate To:
English

The Instabot Ransomware is a new iteration of the notorious STOP Ransomware. Despite the fact that malware analysts are very familiar with the STOP Ransomware family, there is yet to be a decryption tool released that would help the victims of this nasty Trojan. This means that users who have fallen victim to the Instabot Ransomware have no way of reversing the damage for free.

Propagation and Encryption

According to cybersecurity researchers, the Instabot Ransomware is being propagated via spam emails. The emails are likely to contain a fraudulent message alongside a fake attachment, which will infect one’s system once opened. The Instabot Ransomware will lock most of the files present on the compromised computer – documents, images, audio files, videos, presentations, spreadsheets, databases, archives, etc. When the Instabot Ransomware locks a file, it alters its name by adding a ‘.sqpc’ extension to it. For example, a file, which was called ‘green-rock.mp3’ originally, will be renamed to ‘green-rock.mp3.sqpc’ after the Instabot Ransomware completes the encryption process.

The Ransom Note

The Instabot Ransomware drops a ransom message on the victims’ system to provide them with details about the attack, as well as contact details. The name of the note is ‘_readme.txt.’ In the ransom demand, the attackers state that the victims have to pay $980 as a ransom fee if they want to receive a decryption tool that will help them retrieve their data. However, users who manage to get in touch with the authors of the Instabot Ransomware within 72 hours of the attack will get a special 50% discount – these users will have to pay $490. To prove to the users that they are able to recover the affected data, the attackers offer to unlock one or two files free of charge. The contact details provided by the creators of the Instabot Ransomware are ‘helpmanager@mail.ch’ and ‘restoremanager@firemail.cc.’

You should ignore the demands and promises of the attackers – even users who pay cybercriminals get what they paid f rarely. Instead of giving cyber crooks your hard-earned money, remove the Instabot Ransomware from your machine with the help of a dedicated anti-virus software suite.

Trending

Most Viewed

Loading...