Mafer Ransomware
The Mafer Ransomware belongs to malware threat types designed to lock the data of its victims. By running a strong encryption routine on the infected systems, the Mafer Ransomware will render most documents, PDFs, databases, photos, archives and other file types completely unusable. In addition, according to its ransom note with the instructions to be followed, the operators of the Mafer Ransomware apparently collect sensitive and confidential information from the breached computers, which means that they are effectively running a double-extortion scheme. Furthermore, cybersecurity experts have confirmed that the Mafer Ransomware is a variant of the previously identified VoidCrypt threat.
The names of the files locked by Mafer will be changed significantly. The threat will append an ID string, ane email address and a new extension to them. The ID string is generated for each separate device, while the email address and the extension remain consistent - 'dr.filees@gmail.com' and '.Mafer.' The ransom note is dropped in the form of a text file named 'Read_Me!_.txt.' According to the message from the threat actors, victims have 48 hours to pay the demanded ransom before the price gets doubles. In addition, the cybercriminals specify that they will accept only payments made in Bitcoins.
The entire set of instructions delivered to Mafer Ransomware's victims is:
'All Your Files Encrypted And Sensitive Data Downloaded (Financial Documents,Contracts,Invoices etc.. ).
To Get Decryption Tools You Should Buy Our Decrption Tools And Then We Will Send You Decryption Tools And Delete Your Sensitive Data From Our Servers.
If Payment Is Not Made We have to Publish Your Sensitive Data If Necessary Sell Them And Send Them To Your Competitors And After A While Our Servers Will Remove Your Decrypion Keys From Servers.
Your Files Encrypted With Strongest Encryption Algorithm So Without Our Decryption Tools Nobody Can't Help You So Do Not Waste Your Time In Vain!
Your ID:
Email Address: dr.filees@gmail.com
In Case Of Problem With First Email Write Us E-mail At : luka.born@tutanota.com
Send Your ID In Email And Check Spam Folder.
This Is Just Business To Get Benefits, If Do Not Contact Us After 48 Hours Decryption Price Will x2.What Guarantee Do We Give You ?
You Should Send Some Encrypted Files To Us For Decryption Test.
Attention!
Do Not Edit Or Rename Encrypted Files.
Do Not Try To Decrypt Files By Third-Party Or Data Recovery Softwares It May Damage Files.In Case Of Trying To Decrypt Files With Third-Party Sofwares,This May Make The Decryption Harder So Prices Will Be Rise.
How To Buy Bitcoin :
Buy Bitcoin Instructions At LocalBitcoins :
hxxps://localbitcoins.com/guides/how-to-buy-bitcoins
Buy Bitcoin Instructions At Coindesk And Get More Info By Searching At Google :
hxxps://www.coindesk.com/learn/how-can-i-buy-bitcoin/'
