Oct Ransomware

The Oct Ransomware is a newly discovered crypto locker threat that has been unleashed in the wild. So far, the Oct Ransomware has not been classified as belonging to any of the already established malware families, which makes it a fairly unique ransomware threat. It still follows the basic observed in the behavior of this type of malware, though. 

The Oct Ransomware's goal is to infiltrate users' computers successfully, initiate an encryption process that employs an uncrackable cryptographic algorithm, and then extort the victims for money. The threat can affect a wide range of filetypes, ensuring that it can cause the biggest possible damage without causing any critical error or crashes on the infected device. Every encrypted file will have its original filename modified by having '.oct' appended as a new extension. The ransom note containing instructions from the criminals responsible for the threat is dropped as a text file named 'READ_ME.txt.' A copy of the ransom note-bearing file will be created in every folder containing encrypted data.

The note itself is written in broken English, but its message is clear - victims of the Oct Ransomware have to establish contact with the cybercriminals. Two communication channels are provided for this purpose. Affected users can either send a message to the 'octencrypt4444@gmail.com' email address or visit the links for the hackers' websites hosted on the Tor network. The ransom note threatens that if the ransom is not paid within two weeks following the malware infection, the users' encrypted files will either be outright deleted or leaked to the public.

The ransom note delivered by the Oct Ransomware is:

'----------OCT_RANSOMWARE 1.2V----------

==========

Warning! Warning! Your documents, photos, and other important files have been encrypted by a powerful algorithm.

Your files are stored on our server, and we can delete and change these files at any time.

But if you want to restore your file, you have to pay us for the decryption.

Follow the instructions to recover your files!!!

==========

---------------INSTRUCTIONS---------------

1. send a email to octencrypt4444@gmail.com .

2. leave any messages. If you leave message, I will reply.

3. If you send your encrypted files, I will made you give me a money.

4. If you pay money by me, I will decrypted your files and return your decrypted files.

5. But you don't pay money, I will delete all your files.

==========

-------------------MY MESSAGE-------------------

If you can't pay the money to me, I will decrypt your files for free!!!

But, you should pay money in a week!!!!!!

If you don't pay the money over two weeks, I will expose your privacy and delete all your files and data!!

==========

-------------------DOWNLOAD TOR BROWSER-------------------

hxxps://tor-browser.softonic.kr/

------------------MY TOR BROWSER SITE------------------

octencrypt-1359BASK-yllqf.onion

octencrypt-1322FSQS-nngae.onion.'