Pohj Ransomware
The Pohj Ransomware is a variant from the STOP/Djvu malware family. This particular malware strain has been extremely popular among cybercriminals for quite a while now, with infosec researchers identifying more and more variants based on it. Even though the Pohj Ransomware has not been equipped with any significant improvements, the threat is still capable of causing massive damage to the data stored on the infected devices. Indeed, victims will be left unable to access most of their documents, archives, databases, images and many other file types.
Following the common STOP/Djvu behavior, the threat will append the encrypted files with a 4-character string as a new file extension. In this case, victims will notice that '.pohj' has been added to the names of their files. Then, a ransom note will be dropped on the device as a text file named '_readme.txt.'
The demands of the Pohj Ransomware remain consistent with those of the other variants of this family. The operators of the threat demand to be paid the sum of $980. For victims who initiate contact within 72 hours of the attack, the price of the ransom will supposedly be slashed in half to $490. The cybercriminals also state that they can decrypt a single file for free. Users can contact them via the two email addresses found in the ransom note - 'support@fishmail.top' and 'datarestorehelp@airmail.cc.'
The full text of the ransom note left by Pohj Ransomware is:
'ATTENTION!
Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
hxxps://we.tl/t-oTIha7SI4s
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.To get this software you need write on our e-mail:
support@fishmail.topReserve e-mail address to contact us:
datarestorehelp@airmail.ccYour personal ID:'
