Kitz Ransomware
The Kitz Ransomware is malware that uses encryption techniques to lock files on a targeted computer. Once Kitz infects a device, it will append the '.kitz' extension to the filename of any affected file and drop a ransom note file, which is usually named '_readme.txt.' The ransom note will provide instructions on how to pay a ransom in exchange for the decryption of the files. The threat has been confirmed to be another member of the STOP/Djvu Ransomware family and may be deployed in conjunction with other types of malware, such as RedLine or Vidar.
Victims of the Kitz Ransomware will Lose Access to Their Files
The ransom note that the attackers leave behind after infecting a computer with Kitz Ransomware outlines the steps the victim must take to supposedly recover their encrypted files. The note states that in order to decrypt the files, a specific decryption tool and a unique key are needed. However, to receive them, victims must pay a ransom to the attackers of either $980 or $490, depending on the time it takes the victim to contact them - either within or after 72 hours.
The ransom note mentions two email addresses - 'support@freshmail.top' and 'datarestorehelp@airmail.cc' - which the victim can use to communicate with the attackers. The note also suggests that victims can test the decryption by sending a single encrypted file before committing to purchasing the decryption tools.
It is important to note that giving in to ransom demands is strongly discouraged. Not only does it encourage attackers to continue their illegal activities, but it also offers no guarantee that the decryption tools will actually be provided or that the encrypted files will be retrieved. As such, it is highly recommended that victims seek alternative methods of data recovery, such as recovering from backups, rather than paying the ransom.
Swift Actions are Required to Mitigate the Damage of Ransomware Threats Like Kitz
If a victim suspects that their computer has been infected with ransomware, the first steps should be to disconnect the affected computer from the internet and any other network connections to prevent the malware from spreading. Next, the breached device should be scanned with a professional anti-malware solution, and all malicious items that are detected should be removed. Only after the system has been cleaned should victims attempt data restoration, preferably from a suitable backup that was created before the malware infection.
Additionally, victims should refrain from paying any ransom demands, as this only encourages the attackers and may not result in the recovery of their data. Finally, it is important to take steps to prevent future attacks, such as implementing strong passwords, keeping software up-to-date, and regularly backing up important data.
The full text of the ransom note dropped by Kitz Ransomware is:
'ATTENTION!
Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
hxxps://we.tl/t-lEbmgnjBGi
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.To get this software you need write on our e-mail:
support@freshmail.topReserve e-mail address to contact us:
datarestorehelp@airmail.ccYour personal ID:'
