Threat Database Ransomware Nqsq Ransomware

Nqsq Ransomware

The Nqsq Ransomware is part of the infamous STOP/Djvu malware family. Cybercriminals appear to still be churning out more and more variants. Even though each variant is nearly identical to the others, the damage they can cause should not be underestimated. Nqsq and other STOP/Djvu malware threats can affect a large number of file types and render them unusable via a strong encryption process.

When it comes to Nqsq in particular, it marks each locked file by adding '.nqsq' to that file's original name. When all targeted files have been encrypted, the threat delivers a ransom note with instructions for its victims. The ransom-demanding message will be contained inside a text file named '_readme.txt.'

Ransom Note's Overview

The message dropped by the Nqsq Ransomware follows the same pattern as the other threats from this malware family. The hackers state that to send the necessary decryption key and software tool to their victims, they must pay a ransom of $980. Close to a thousand dollars is quite a big amount to part with easily, especially in the current global circumstances caused by the pandemic. However, victims are told that if they initiate contact within 72 hours of the ransomware infection, the demanded sum will be reduced by 50% to $490.

The ransom note mentions two email addresses that can be used as communication channels - 'manager@mailtemp.ch' and 'supporthelp@airmail.cc.' As part of their message, affected users can attach a single locked file that the hackers are then sup[posed to unlock and return for free. The only requirement is for the file to not contain any important data.

The full text of the note is:

'ATTENTION!
Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
hxxps://we.tl/t-O1iz3esfm2
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.

To get this software you need write on our e-mail:
manager@mailtemp.ch
Reserve e-mail address to contact us:
supporthelp@airmail.cc
Your personal ID:
'

Trending

Most Viewed

Loading...