Nypd Ransomware

By GoldSparrow in Ransomware

The Nypd Ransomware is a newly uncovered file-locker that targets users online at random. Data-encrypting Trojans, like the Nypd Ransomware, are easy to build with a ransomware building kit, which enables cyber crooks with little to no skills to spawn and distribute file-lockers. The Nypd Ransomware is based on the infamous STOP Ransomware – one of the most active ransomware families, which has claimed numerous victims.

Propagation and Encryption

Cybercriminals use a variety of propagation techniques to spread threats like the Nypd Ransomware. One of the most popular ones is mass spam email campaigns – users receive a fraudulent email in their inbox, which contains a macro-laced attachment or a corrupted link. Other commonly utilized distribution tricks include malvertising operations, fake social media posts, bogus software updates/downloads, torrent trackers, etc. Upon infiltrating a targeted PC, the Nypd Ransomware would perform a brief scan. The goal is to establish the locations of the files that will be targeted for encryption. After this is completed, the Nypd Ransomware would proceed by triggering the encryption process. The Nypd Ransomware would lock the targeted files and change their names by adding a ‘.nypd’ extension to their filenames. For example, a file that was named ‘honey-coffee.pdf’ originally will be renamed to ‘honey-coffee.pdf.nypd.’

The Ransom Note

The Nypd Ransomware would drop a ransom message on the victims’ PCs to inform them of the attack and its consequences. The name of the file that contains the ransom message in question is ‘_readme.txt.’ In the ransom note, the attackers claim that:

  • The initial ransom fee is $980.
  • Victims that choose to get in touch with them within three days of the attack taking place will receive a 50% discount, knocking down the fee to $490.
  • The contact details are ‘helpmanager@mail.ch’ and ‘restoremanager@airmail.cc.’

It is best to avoid contacting the creators of the Nypd Ransomware. Authors of ransomware threats tend to take victims’ money without providing decryptors, despite promising to do so. This is why it is best to obtain a legitimate, modern anti-virus software suite, which will remove the Nypd Ransomware from your PC and keep your computer safe going forward.
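The indicators described above (the ‘.nypd’ extension, the ‘_readme.txt’ note and its two contact addresses) are enough to measure how far the encryption reached on a disk or a restored image. The following triage script is an added example, not part of the original article; the function names and the sample tree it builds are constructed for illustration.

```python
import os
import tempfile

EXT = ".nypd"              # extension the article says is appended
NOTE_NAME = "_readme.txt"  # ransom note file name from the article
CONTACTS = ("helpmanager@mail.ch", "restoremanager@airmail.cc")

def triage(root):
    """Return (encrypted, notes): encrypted maps directory -> original file
    names; notes maps note path -> True if it quotes a known contact address."""
    encrypted, notes = {}, {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            lower = name.lower()  # Windows file names are case-insensitive
            path = os.path.join(dirpath, name)
            if lower.endswith(EXT) and len(name) > len(EXT):
                encrypted.setdefault(dirpath, []).append(name[:-len(EXT)])
            elif lower == NOTE_NAME:
                try:
                    with open(path, "r", encoding="utf-8", errors="ignore") as fh:
                        text = fh.read(65536).lower()
                except OSError:
                    continue  # unreadable note: skip rather than abort the scan
                notes[path] = any(addr in text for addr in CONTACTS)
    return encrypted, notes

def build_sample_tree(root):
    """Constructed sample data: file names and note text are made up."""
    docs = os.path.join(root, "docs")
    tools = os.path.join(root, "tools")
    os.makedirs(docs)
    os.makedirs(tools)
    samples = {
        os.path.join(docs, "honey-coffee.pdf.nypd"): "x",
        os.path.join(docs, "Budget.XLSX.NYPD"): "x",
        os.path.join(docs, "notes.txt"): "untouched",
        os.path.join(docs, "_readme.txt"): "write to helpmanager@mail.ch",
        os.path.join(tools, "_readme.txt"): "Build instructions for a tool",
    }
    for path, body in samples.items():
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(body)

def demo():
    with tempfile.TemporaryDirectory() as root:
        build_sample_tree(root)
        encrypted, notes = triage(root)
        rel = lambda p: os.path.relpath(p, root).replace(os.sep, "/")
        return ({rel(d): sorted(n) for d, n in encrypted.items()},
                {rel(p): ok for p, ok in notes.items()})

if __name__ == "__main__":
    print(demo())
```

A ‘_readme.txt’ that does not quote either contact address is reported as unconfirmed, so ordinary readme files are not counted as ransom notes.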

1 Comment

Do you have a tool to remove the encryption? I scanned my PC and managed to find the source, which was removed. However, the files are still encrypted.

