Poqw Ransomware

Poqw is ransomware that encrypts files and then demands that its victims pay a ransom. It appends its own extension ('.poqw') to the name of each encrypted file; for example, a file named '1.jpg' is renamed to '1.jpg.poqw'. After encryption, it drops a ransom note in the form of a '_readme.txt' file. As is the case with other variants belonging to the STOP/Djvu Ransomware family, the Poqw Ransomware may be distributed alongside other malware, such as Vidar and RedLine, which are used for collecting information from victims' computers.

An Overview of Poqw Ransomware's Demands

Victims of the Poqw Ransomware are presented with a ransom note containing two email addresses: 'support@freshmail.top' and 'datarestorehelp@airmail.cc'. Victims who contact the attackers within 72 hours are offered the decryption software and key at a reduced price of $490 instead of the full $980 ransom. The attackers also offer victims the chance to send them one encrypted file before paying the ransom. The chosen file will supposedly be decrypted for free, although one of the listed requirements is that it cannot contain any valuable information.

Unfortunately, there is no guarantee that threat actors will provide victims with the necessary decryption tools after the ransom has been paid, so paying is not recommended. The only way for victims to recover their files without paying a ransom is from a data backup or with a working third-party decryption tool.

How Are Threats Like Poqw Ransomware Distributed?

Ransomware attacks are a common threat to both businesses and individual users, with severe consequences in terms of breach costs and loss of access to crucial data. To be protected from a ransomware attack, it is important to understand how ransomware is distributed in the first place.

  1. Spam Emails – The most common way that criminals distribute ransomware is by sending out malicious emails disguised as legitimate messages or attachments. The malware code infects your computer as soon as you click on the attachment or link in the message.
  2. Exploiting Security Flaws – Cybercriminals also target computers and networks that have known security weaknesses, such as unpatched software, outdated operating systems and weak passwords. By taking advantage of these weaknesses, hackers can gain access to your system and install malicious code on it.
  3. Malvertising – Malicious advertisements are often used by cybercriminals to spread their payloads, which contain code for downloading and installing ransomware onto unsuspecting victims' computers and networks. To avoid getting infected, be sure to block all suspicious advertisements and pop-ups from appearing on your device or network.
  4. Social Engineering – This attack aims to manipulate people into giving up confidential information or personal data through deceptive tactics such as phishing. The cybercriminals could send honest-looking emails or programs with the goal of tricking the unsuspecting recipient into executing unsafe attachments or files, allowing the threat actors to establish a foothold within the network.

The full text of the Poqw Ransomware note is:

'ATTENTION!

Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
hxxps://we.tl/t-GTrvfBi8hs
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.

To get this software you need write on our e-mail:
support@freshmail.top

Reserve e-mail address to contact us:
datarestorehelp@airmail.cc

Your personal ID:'
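
The indicators described on this page (the '.poqw' suffix, the '_readme.txt' note and the two contact addresses inside it) are enough for a first triage of an affected file tree before restoring from backup. The following Python script is an added example, not part of the original article; its function names and the sample directory tree are constructed for illustration.

```python
import os
import tempfile
from pathlib import Path

# Indicators taken from the article above.
SUFFIX = ".poqw"
NOTE_NAME = "_readme.txt"
NOTE_MARKERS = ("support@freshmail.top", "datarestorehelp@airmail.cc")

def is_poqw_note(path):
    """True if the file contains one of the contact addresses from the ransom note."""
    try:
        text = path.read_text(encoding="utf-8", errors="replace").lower()
    except OSError:
        return False  # unreadable file: cannot confirm, do not report
    return any(marker in text for marker in NOTE_MARKERS)

def scan(root):
    """Return (renamed, notes): renamed maps each '<name>.poqw' path to the
    original path it replaced; notes lists '_readme.txt' files matching the note."""
    renamed, notes = {}, []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            p = Path(dirpath) / name
            lower = name.lower()
            if lower.endswith(SUFFIX) and lower != SUFFIX:
                renamed[p] = p.with_name(name[: -len(SUFFIX)])
            elif lower == NOTE_NAME and is_poqw_note(p):
                notes.append(p)
    return renamed, notes

def demo():
    """Scan a constructed directory tree (placeholder files, no real samples)."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "docs").mkdir()
        (root / "docs" / "1.jpg.poqw").write_bytes(b"constructed placeholder")
        (root / "docs" / "notes.txt").write_text("untouched file")
        (root / "docs" / "_readme.txt").write_text("write on our e-mail:\nsupport@freshmail.top\n")
        # A benign file with the same name must not be reported as a ransom note.
        (root / "_readme.txt").write_text("Project readme, unrelated to any ransom note")
        renamed, notes = scan(root)
        return (sorted(o.relative_to(root).as_posix() for o in renamed.values()),
                sorted(n.relative_to(root).as_posix() for n in notes))

if __name__ == "__main__":
    originals, notes = demo()
    print("restore from backup:", originals, "| ransom notes:", notes)
```

Matching the note by its content rather than by file name alone avoids flagging unrelated '_readme.txt' files, and the recovered original names give the list of files to restore from backup.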
