Multi-Device Licenses (Volume Discounts)

Change Region

English Čeština Dansk Deutsch Eesti Español Français Hrvatski Italiano Nederlands Polski Português Suomi
Threat Database Ransomware Isos Ransomware

Isos Ransomware

By GoldSparrow in Ransomware
Translate To:
English

The Isos Ransomware is a potent malware threat that is part of the Phobos Ransomware family. Once inside the victim's computer, the Isos Ransomware initiates an encryption process that scrambles the files on it with a robust asymmetrical RSA encryption algorithm. A complex pattern is used to modify the names of all locked files. It includes adding a string of random characters assigned to each victim, followed by an email address under the criminals' control, and finally '.isos' as a new extension. The email in question is 'helpisos@aol.com.' As is the norm for ransomware threats from the Phobos Ransomware family, the Isos Ransomware leaves its victims with a note containing the hackers' instructions. The note is dropped as two different files. One is a text file simply named 'info.txt' while the other is an 'info.hta.' file used for the creation of a pop-up window. The text found in both files is identical.

Victims of the Isos Ransomware are told to send an email to the aforementioned address - helpisos@aol.com. If there is no response from the criminals within 24 hours, however, they should attempt to contact the Telegram account '@iso_recovery.' The note doesn't mention any specific amounts for the money demanded by the hackers or if the payment has to be made using any cryptocurrencies. It mentions that affected users are allowed to send up to two files that are no bigger than 1MB for free decryption.

Having to deal with the reality of losing access to your files or files that can affect your business suddenly is not easy definitely. Following the criminals' demands may seem like the easy way out, but there are some alternatives that should be attempted. Victims of the Isos Ransomware should look to see if they have a backup that was created before the ransomware threat had managed to infiltrate the computer. If such backup is indeed available, it can be used to restore the locked files. However, it is paramount to first clean any trace of the malware threat by using a legitimate anti-malware program.

The full text of the Isos Ransomware's note is:

'ATTENTION!

ALL YOUR DATA ARE PROTECTED WITH RSA ALGORITHM

Your security system was vulnerable, so all of your files are encrypted.

If you want to restore them, contact us by email: helpisos@aol.com

in the header of the letter indicate your encrypted ID -

If you do not receive a response within 24 hours, please contact us by Telegram.org account: @iso_recovery

BE CAREFUL AND DO NOT DAMAGE YOUR DATA:

Do not rename encrypted files.

Do not try to decrypt your data using third-party software, it may cause permanent data loss.

Do not trust anyone! Only we have keys to your files! Without this keys restore your data is impossible

WE GUARANTEE A FREE DECODE AS A PROOF OF OUR POSSIBILITIES:

You can send us 2 files for free decryption. Size of file must be less than 1 Mb (non archived). We don`t decrypt for test DATABASE, XLS and other important files.

DO NOT ATTEMPT TO DECODE YOUR DATA YOURSELF, YOU ONLY DAMAGE THEM AND THEN YOU LOSE THEM FOREVER.AFTER DECRYPTION YOUR SYSTEM WILL RETURN TO A FULLY NORMALLY AND OPERATIONAL CONDITION!'

Trending

Most Viewed

Loading...