KOPYTZEMPEREEBET Ransomware
The KOPYTZEMPEREEBET Ransomware threat can be used by ill-minded threat actors to lock the data of their victims. The malware is equipped with a sufficiently strong encryption algorithm to make the restoration of the affected files without the proper decryption keys practically impossible.
As part of its actions, the threat will mark all documents, PDFs, archives, databases, and other targeted file types with the 'KOPYTZEMPEREEBET' file extension. Victims will notice that an unfamiliar text file named '#Decrypt_files#.txt' has appeared on the desktop of the breached device. The file is tasked with delivering the threat's ransom note.
Reading the ransom-demanding messages makes it clear that the operators of the KOPYTZEMPEREEBET Ransomware are primarily interested in extorting money from corporate entities. The note states that the malware threat has encrypted both the files and their backups. To restore the encrypted data, victims must pay a ransom. The note doesn't mention the exact amount, but victims who contact the attackers in the first 12 hours of the infection will, apparently, have to pay 50% less. The cybercriminals also state that they are willing to decrypt two or three small files for free as a demonstration.
The full text of KOPYTZEMPEREEBET Ransomware's message is:
'Dear Sir or Madam,
Congratulations!
Id like to inform you that your company has been randomly chosen for audit and that you haven't
passed it.
All of your servers are encrypted, same as your backups. Our encryption algorithms impossible to
decrypt, same as your company data and infrastructure. However, do not get nervous, as you shall
restore all of your all your infrastructure and data! In order to do that, follow simple steps
that are described bellow:- Buy decryption program.
- Restore all of the company data and infrastructure.
The system hack wasnt done eiter by your competitors or 3rd party, it was strictly our
initiative. Our main and only interest is money.
Also, to be mentioned, we value our reputation and principles a lot, therefore any amateur
attempts will be strictly suppressed and will make current situation worse. In addition, all of
decryption software mentioned above is tested, as a proof of our abilities, there is a possibility of decrypting few small files for free, for your understanding.To decrypt your files you need to write on our mail - kopytzempereebet@onionmail.
But we recommend to write on our ICQ account to talk in a live chat
Install ICQ software on your PC hxxps://icq.com/windows/ or on your mobile phone search in Appstore / Google market ICQ
Write to our account - @KOPYTZEMPEREEBET
hxxps://icq.im/KOPYTZEMPEREEBETWe work 24/7 and if you write in 12h after decryption - you will get 50% discount
Start messaging with an incident ID and 2-3 test files up to 1mb
Your personal ID'
