INT Ransomware

By CagedTech in Ransomware

Translate To:

The INT Ransomware threat is designed specifically to lock the data of its victims. The malware threat runs an encryption routine with an uncrackable algorithm that will affect documents, photos, images, archives, databases and other file types stored on the breached devices. Infosec researchers have been able to confirm that the INT Ransomware is a variant of the previously identified ransomware family known as Makop.

The encrypted files also will have their original names modified significantly. The INT Ransomware will append to them a unique ID string, the 'integra2022@tutanota.com' email address, and '.INT' as a new file extension. The threatening tool also will create a text file named '+README-WARNING+.txt.' Inside this file is a ransom note with instructions for the victim.

The ransom-demanding message reveals that the operators of the INT Ransomware are willing to decrypt 2 files for free, as a way to demonstrate their ability to restore the data of their victims. However, the 2 chosen files must not contain important information and should not exceed 1 MB in size. To establish contact with the attackers, victims are left with two email addresses - 'integra2022@tutanota.com' and 'insomnia1986@tutanota.com.'

The full text of the ransom note is:

'::: Greetings :::
Little FAQ:
.1.
Q: Whats Happen?
A: Your files have been encrypted. The file structure was not damaged, we did everything possible so that this could not happen.
.2.
Q: How to recover files?
A: If you wish to decrypt your files you will need to pay us.
.3.
Q: What about guarantees?
A: Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will cooperate with us. Its not in our interests.
To check the ability of returning files, you can send to us any 2 files with SIMPLE extensions(jpg,xls,doc, etc… not databases!) and low sizes(max 1 mb), we will decrypt them and send back to you. That is our guarantee.
.4.
Q: How to contact with you?
A: You can write us to our mailboxes: integra2022@tutanota.com or insomnia1986@tutanota.com
.5.
Q: How will the decryption process proceed after payment?
A: After payment we will send to you our scanner-decoder program and detailed instructions for use. With this program you will be able to decrypt all your encrypted files.
.6.
Q: If I don’t want to pay bad people like you?
A: If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause only we have the private key. In practice - time is much more valuable than money.
:::BEWARE:::
DON'T try to change encrypted files by yourself!
If you will try to use any third party software for restoring your data or antivirus solutions - please make a backup for all encrypted files!
Any changes in encrypted files may entail damage of the private key and, as result, the loss all data.'

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

INT Ransomware

Submit Comment

Related Posts

Fargint.com

Ghtinthebox.com

Galeritintite.com

International-fetishescort.com

Startintenselyoriginalinfo-product.info

Mintoutletuk.com

Trending

Safe Search Eng

Findtheirreport.com

MarioLocker Ransomware

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen