Multi-Device Licenses (Volume Discounts)

Change Region

English Čeština Dansk Deutsch Eesti Español Français Hrvatski Nederlands Polski Português Slovenščina Suomi
Threat Database Ransomware Jdokao Ransomware

Jdokao Ransomware

By GoldSparrow in Ransomware
Translate To:
English

The Jdokao Ransomware is based on the Snatch Ransomware and belongs to the Snatch family of ransomware threats. What differentiates it from other similar Snatch Ransomware variants are the emails under the control of the cybercriminals and the extension it uses for the encrypted files. Victims of the Jdokao Ransomware will notice that they can no longer access their files - all of the most widely used filetypes such as audio, video, documents, databases, pictures, are affected. The name of each and every encrypted file will be modified to include '.jdokao' as a new extension. The ransom note left by the Jdokao Ransomware can be found in a text file named 'HOW TO RESTORE YOUR FILES.TXT' that will be placed in every folder with encrypted files.

Two email addresses are provided for contact with the hackers - unl0ckme@cock.li or unl0ckme@protonmail.com. According to the instructions, affected users should use the extension of the encrypted files on their systems as a title for the email. No specific sum is mentioned, but the hackers dealing with ransomware threats usually demand the payment to be made in a specific cryptocurrency, Bitcoin, in most cases.

Victims are allowed to send up to three files that are no bigger than 1MB in size for free decryption.

Contacting the criminals is a risky venture. They may attempt to drop further malware on to the compromised machine or simply take the money and walk away without delivering on their promise for easy restoration of the affected files.

The complete text of the note left by Jdokao Ransomware is:

'Hello! All your files are encrypted and only I can decrypt them.

Contact me: 

unl0ckme@cock.li or protonmail.com

Write me if you want to return your files - I can do it very quickly!

The header of letter must contain extension of encrypted files.

I'm always reply within 24 hours. If not - check spam folder, resend your letter or try send letter from another email service (like protonmail.com). 

Attention!

Do not rename or edit encrypted files: you may have permanent data loss. 

To prove that I can recover your files, I am ready to decrypt any three files (less than 1Mb) for free (except databases, Excel and backups)

HURRY UP!'

Trending

Most Viewed

Loading...