Threat Database Ransomware J3ster Ransomware

J3ster Ransomware

Threat Scorecard

Threat Level: 100 % (High)
Infected Computers: 4
First Seen: October 19, 2021
OS(es) Affected: Windows

Infosec researchers have identified a new malware threat tracked as J3ster Ransomware. Being classified as ransomware means that the threat is designed to scan victims' computers and then lock the files stored there with an uncrackable encryption algorithm specifically. Affected users will find themselves no longer able to access their photos, images, documents, as well as all archives, databases, PDFs and more. The goal of the hackers is to then extort the victims for money by promising to help them restore the locked data after making the demanded payment.

As part of its threatening activities, the J3ster Ransomware also will mark the locked files by changing their original names. The threat will append '.j3ster' as a new file extension. When all targeted file types have been encrypted, the malware will proceed to change the current desktop background with an image of a jester. It also will generate a file named 'J3ster ReadMe.txt' on the infected system's desktop. This file carries the ransom note with instructions for the victims.

Demands Overview

The ransom-demanding message delivered by J3ster Ransomware is relatively brief. However, it does contain the most important information that these ransom notes carry. It reveals that the hackers want to receive exactly $1000 if they are to offer assistance with the decryption of the locked data. The money must be transferred to the provided crypto-wallet address and the transaction must be done using the Bitcoin cryptocurrency. Victims are then expected to provide evidence of the payment in the form of a screenshot. The attackers will wait to receive the proof attached to a message sent to their email address at ''

The full text of the ransom note is:

'--- J3ster Ransomware ---

Youre Pc Has been Infected By J3ster Ransomeware Pay 1000$ To the Following Bitcoin Adress And Send An ScreenShot From youre payment To the Email

E-Mail :

Bitcoin Adress : 17CqMQFeuB3NTzJ2X28tfRmWaPyPQgvoHV

Good Luck!'

SpyHunter Detects & Remove J3ster Ransomware

File System Details

J3ster Ransomware may create the following file(s):
# File Name MD5 Detections
1. file.exe aa07d3711d0504e3fb769340d25d3aca 4


Most Viewed