Researchers have identified a recent ransomware threat named Midas. The Midas Ransomware seems to be a rebranded version of the Haron Ransomware. As typical for this threat type, Midas has been designed to lock files after infiltrating a computer. Then, the ransomware creators demand their victims to pay a specific ransom amount if they want to decrypt their files.
Available data shows that the Midas Ransomware targets mainly companies and other large organizations. It appends the encrypted files with an extension that consists of the company's name; for example, a typical file locked by Midas would look like this: "1.jpg" would be renamed to "1.jpg.newwave".
As soon as the malware finishes the encryption, it generates messages with the ransom demands and displays them as a pop-up window ("RESTORE_FILES_INFO.hta"). A text file "RESTORE_FILES_INFO.txt" also is created, whereby both notes are identical.
According to the ransom note, the cybercriminals have managed to extract sensitive data, like financial data, client information, personal details, etc. The attacked companies are asked to contact the hackers within 72 hours, or the extracted data will be leaked online.
To prevent the Midas Ransomware from locking and collecting more data, it must be eliminated from the operating system through a professional anti-malware program. However, removal will not restore the affected files, and they can only be recovered from a backup.
The Midas ransom note contains the following message:
"All your files are encrypted and cannot be recovered."
All your documents have been uploaded and compromised
-What data was received:
Contracts, financial documents, HR documents, client information, etc.
Over 400 GB of confidential information.
-What will become of you:
You have 72 hours to get in touch with us, if during this time you do not contact us, all your information will be published in our blog.
Anyone can access it.We will inform the client, employees, and merge your information with other hacker groups.
You will receive multiple lawsuits, suffer huge financial losses, and lose your reputation.
How to get to our page
Download Tor browser - hxxps://www.torproject.org/
Install Tor browser
Open link in Tor browser -
Follow the instructions"