OOII Ransomware
The OOII Ransomware is part of the notorious STOP/Djvu Ransomware family that has been used by cybercriminals to create numerous, threatening malware variants. Despite OOII lacking any meaningful modifications or improvements, its destructive capabilities are not to be underestimated. The threat is capable of locking a wide range of file types, preventing its victims from accessing any of their data, effectively. Affected users will discover that their documents, PDFs, photos, archives, databases, and many more have all become unusable.
All files encrypted by the threat will have '.ooii' appended to their original names. In addition, the ransomware will create a text file on the system, designed to carry its ransom note with instructions from the attackers. The file will be named '_readme.txt.'
Ransom Note Details
OOII Ransomware's message remains consistent with what has been observed in the other STOP/Djvu threats. The hackers state that users will have to pay a ransom of $980 to receive the decryption tool and special key needed for the restoration of their data. The initial price of the ransom can be lowered by as much as 50% if OOII Ransomware's victims contact the hackers within 72 hours of the attack.
Two different emails can be used for this purpose according to the note. The primary address is 'support@sysmail.ch' while 'helprestoremanager@airmail.cc' acts as a reserve email. As part of their message, users are allowed to attach one locked file that the hackers are supposed to unlock for free.
The full text of the note is:
'ATTENTION!
Don’t worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
https://we.tl/t-bPgv29RUmq
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that’s price for you is $490.
Please note that you’ll never restore your data without payment.
Check your e-mail “Spam” or “Junk” folder if you don’t get answer more than 6 hours.To get this software you need write on our e-mail:
support@sysmail.chReserve e-mail address to contact us:
helprestoremanager@airmail.cc'
