Threat Database Ransomware PizzaCrypts Ransomware

PizzaCrypts Ransomware

By GoldSparrow in Ransomware

The PizzaCrypts Ransomware is a ransomware Trojan that is used to force computer users to pay large amounts of money if they want to regain access to their files. The PizzaCrypts Ransomware and similar threats take victims' files hostage essentially, encrypting them and making them inaccessible. They then demand that the victim pays a ransom to gain the decryption key and regain access to the encrypted files. The PizzaCrypts Ransomware is spreading through the Neutrino Exploit Kit currently. This means that a website containing this exploit kit will attempt to take advantage of weaknesses on the victims' computers to install the PizzaCrypts Ransomware forcibly. Victims are directed to the exploit website through the use of corrupted advertisements or links embedded in spam email messages. Once the PizzaCrypts Ransomware is installed on the victim's computer, it encrypts the victim's files and then displays a ransom note with instructions on how to pay.

How can You Know that You've Been Attacked by the PizzaCrypts Ransomware

The PizzaCrypts Ransomware can be recognized easily because it changes the encrypted files' names after carrying out its attack. The PizzaCrypts Ransomware will add a very long extension to each encrypted file, which includes the PizzaCrypts Ransomware contact email and an ID number for the victim. This extension follows the pattern id-[victim's ID]_maestro@the, so a file that is named 'text.txt' would become '[victim's ID]_maestro@the' after it has been encrypted by the PizzaCrypts Ransomware. This ransomware threat creates a file containing its ransom note and drops it in each directory where a file was encrypted.

The PizzaCrypts Ransomware's Ransom Note

Victims are asked to send an encrypted file to the email included in the PizzaCrypts Ransomware's ransom note or through a BitMessage (to the address BM-NBRCUPTenKgYbLVCAfeVUHVsHFK6Ue2F). Victims will then receive a reply specifying how much they will need to pay to decrypt their files. This amount will change depending on the severity of the infection but, on average, most encryption ransomware Trojans demand an amount equivalent to one BitCoin, or about $650 USD. Avoid paying the PizzaCrypts Ransomware ransom. Con artists may ignore the victims even after they have made the payment. Note that paying the PizzaCrypts Ransomware ransom allows con artists to continue carrying out their attacks and developing threats, furthering their cause and making it likelier that other people will become victims of these attacks. Unfortunately, it is not possible to decrypt the files that have been encrypted by the PizzaCrypts Ransomware currently without access to the decryption key. Because of this, the best method for computer users will be to recover their files from a backup on an off-site memory device. The backup method should not involve a drive connected to the affected computer since the PizzaCrypts Ransomware is designed to encrypt files on all drives (including external ones.)

The following is the full text of the PizzaCrypts Ransomware's ransom note, contained in the ransom notes that the PizzaCrypts Ransomware drops in each directory where it carried out its attack:

All your files are encrypted cryptographically strong algorithm!
Decoding is not possible without our help!
In order to start the process of decoding the files, you need to contact us on the below contacts,attached the example of an encrypted file:
- Primary email: maestro@the
- Secondary email: the
How To Use Bitmessage see
We encourage you to contact us for all three contacts!
- Very important:
We recommend to write email us with gmail address, otherwise your email may not reach us !
Do not try to decrypt files by third-party decipherers, otherwise you will spoil files!

Computer users can prevent the PizzaCrypts Ransomware attack by taking precautions when browsing the Web and always using an updated security program. Backing up all files regularly will make you invulnerable to the PizzaCrypts Ransomware and other, similar attacks.


Most Viewed