PARKER Ransomware
The PARKER Ransomware targets the data of its victims and leaves it in an unusable state. All file types can be affected, including documents, PDFs, pictures, photos, archives, databases and more. The sufficiently strong encryption algorithm will prevent affected users from restoring their files without assistance from the attackers.
As part of its operation, the threat also will mark the locked files by appending '.PARKER' to their original names. In addition, the malware will generate a new text file on the infected devices. Named 'RESTORE_FILES_INFO.txt,' the file will contain a ransom note with instructions from the threat actors.
Victims are told that numerous sensitive files have been infiltrated from the breached machines and are now stored on a server controlled by the hackers. If they do not receive a message within 3 days, the attacks threaten to start publishing the collected information to the public. To prevent this outcome, victims must reach out and establish communication with the hackers. The only way to do so mentioned in the ransom note is via the qTOX chat client.
The full text of PARKER Ransomware's message is:
'------------------
| What happened? |
------------------
Your network was ATTACKED, your computers and servers were LOCKED,
Your private data was DOWNLOADED:
- Contracts
- Customers data
- Finance
- HR
- Databases
- And more other...
----------------------
| What does it mean? |
----------------------
It means that soon mass media, your partners and clients WILL KNOW about your PROBLEM.
--------------------------
| How it can be avoided? |
--------------------------
In order to avoid this issue,
you are to COME IN TOUCH WITH US no later than within 3 DAYS and conclude the data recovery and breach fixing AGREEMENT.
-------------------------------------------
| What if I do not contact you in 3 days? |
-------------------------------------------
If you do not contact us in the next 3 DAYS we will begin DATA publication.
We will post information about hacking of your company on public
ALL YOUR CLIENTS WILL KNOW ABOUT THE INCIDENT!!!
Think very well of the consequences.
You can spare this little money and subsequently lose much more.
-----------------------------
| I can handle it by myself |
-----------------------------
It is your RIGHT, but in this case all your data will be published for public USAGE.
-------------------------------
| I do not fear your threats! |
-------------------------------
That is not the threat, but the algorithm of our actions.
If you have hundreds of millions of UNWANTED dollars, there is nothing to FEAR for you.
That is the EXACT AMOUNT of money you will spend for recovery and payouts because of PUBLICATION.
You are exposing yourself to huge penalties with lawsuits and government if we both don't find an agreement.
We have seen it before cases with multi million costs in fines and lawsuits,
not to mention the company reputation and losing clients trust and the medias calling non-stop for answers.
--------------------------
| You have convinced me! |
--------------------------
Then you need to CONTACT US, there is few ways to DO that.
---Secure method---
a) Download a qTOX client: hxxps://tox.chat/download.html
b) Install the qTOX client and register account
c) Add our qTOX ID: 671263E7BC06103C77146A 5ABB802A63F53A42B4C4766329A5F04D2660C99A3611635CC36B3A
or qTOX ID: BC6934E2991F5498BDF5D852F10EB4F7E 1459693A2C1EF11026EE5A259BBA3593769D766A275
d) Write us extension of your encrypted files .PARKER
Our LIVE SUPPORT is ready to ASSIST YOU on this chat.
----------------------------------------
| What will I get in case of agreement |
----------------------------------------
You WILL GET full DECRYPTION of your machines in the network, DELETION your data from our servers,
RECOMMENDATIONS for securing your network perimeter.
And the FULL CONFIDENTIALITY ABOUT INCIDENT.
----------------------
Number of files that were processed is:'
