Kruu Ransomware
The Kruu Ransomware is another potent variant created from the STOP/Djvu malware family that cybercriminals are using to lock the data of their victims. Files encrypted by Kruu will be completely unusable, and restoration of the data without the needed decryption keys will most likely be impossible. Furthermore, the threat is capable of affecting a large set of different file types, ensuring that the damage it causes will reach most of the data stored on the breached devices.
All encrypted files will be marked by having '.Kruu' appended to their original names. Victims also will notice the presence of a new text file on the compromised systems. Named '_readme.txt,' this file will carry a ransom note with instructions from the hackers.
Ransom Note's Overview
The demands of the threatening operators of the Kruu Ransomware threat are in-line, with what has become to be considered the norm for STOP/Djvu threats. They state that victims must pay a ransom of $980 if they want to receive the decryption key and software tool from the cybercriminals.
However, this initial sum could potentially be decreased by 50% to $490. According to the instructions, the only requirement is for the affected users to message the cybercriminals at any point within the first 72 hours of the Kruu infection. Victims also are instructed that they can send 1 locked file to be decrypted absolutely for free. They can attach the file to an email message and send it to the two email addresses mentioned in the note - 'manager@time2mail.ch' and 'supportsys@airmail.cc.'
The full text of Kruu Ransomware's demands is:
'ATTENTION!
Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
hxxps://we.tl/t-2w6I3WpXEh
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.To get this software you need write on our e-mail:
manager@time2mail.chReserve e-mail address to contact us:
supportsys@airmail.ccYour personal ID:'
