Nitrocrypted Ransomware

Nitrocrypted Ransomware is a new threat detected by cybersecurity specialists. The malware is created to infiltrate users' systems and encrypt the files stored there. It can affect numerous file types and the affected files will no longer be accessible. Victims will then be extorted to pay a ransom to the attackers if they want to receive the decryption key necessary for the restoration of the data.

Whenever the threat locks a file, it will append '.nitrocrypted' to that file's original name as a new extension. When all targeted files have been locked, the Nitrocrypted Ransomware proceeds to deliver its ransom-demanding message. The malware changes the default desktop background with a new one and creates a file named 'README.txt.'

Ransom Note's Details

The instructions for the victims are contained inside the text file. However, the ransom note is extremely brief and lacks most of the crucial details usually found in the ransom-demanding messages of other ransomware threats. The Nitrocrypted Ransomware simply tells its victims that they will have to contact the NitroXploit@protonmail.ch email to receive further instructions. The hackers also allow for a single locked file to be attached to the message. They will then supposedly unlock and send it back for free.

The full text of the note is:

'All your files have been encrypted!
To decrypt your files (learn how to pay), send us a message on the following Email Address:
NitroXploit@protonmail.ch

You can send us a test file and we'll decrypt it for free.'