
Pozd Ransomware

The Pozd Ransomware is not a unique malware threat. Analysis by infosec researchers has revealed that it is another variant of the STOP/Djvu ransomware strain, which is popular among cybercriminals. However, the lack of any meaningful modification doesn't make the threat any less dangerous. The Pozd Ransomware's encryption capabilities can impact a diverse range of file types, from documents and photos to archives and databases. All targeted files will have '.pozd' appended to their original names and will be left in an inaccessible state.

Victims of the Pozd Ransomware should be warned that their computers may have been infected with additional malware threats as well. Cybercriminals delivering STOP/Djvu variants have been observed dropping info-stealers on the infected devices. Two such tools are the Vidar Stealer and the RedLine Stealer.

The ransom note delivering the instructions of the Pozd Ransomware's criminal operators is dropped on breached computers as a text file named '_readme.txt'. The text of the message follows the typical STOP/Djvu pattern. The attackers try to extort the sum of $980 from their victims. However, the note also mentions an offer to reduce the ransom by 50% for victims who establish contact within the first 72 hours of the infection. Victims can also send one chosen file to be decrypted for free, with the only listed requirement being that the file doesn't contain any important data. The email addresses found in the note are 'datarestorehelp@airmail.cc' and 'support@fishmail.top'.

The full text of the ransom note is:

'ATTENTION!

Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
hxxps://we.tl/t-2gP6wwZcZ9
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.

To get this software you need write on our e-mail:
support@fishmail.top

Reserve e-mail address to contact us:
datarestorehelp@airmail.cc

Your personal ID:'
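
For responders scoping an infection, the indicators above (the '.pozd' suffix, the '_readme.txt' note and the two contact addresses) can be combined into a read-only triage pass. The following Python is an added example, not part of the original entry: the function names and the sample tree are constructed for illustration, and it assumes the victim ID appears as the first token after the 'Your personal ID:' label.

```python
import os
import tempfile
from collections import Counter
from pathlib import Path

# Indicators taken from the article text.
ENCRYPTED_SUFFIX = ".pozd"
NOTE_NAME = "_readme.txt"
NOTE_CONTACTS = ("support@fishmail.top", "datarestorehelp@airmail.cc")
ID_LABEL = "Your personal ID:"

def parse_note(path):
    """Return (is_pozd_note, personal_id); the ID is assumed to be the first token after the label."""
    with open(path, "r", encoding="utf-8", errors="replace") as fh:
        text = fh.read(64 * 1024)  # ransom notes are small; cap the read
    if not any(addr in text for addr in NOTE_CONTACTS):
        return False, None  # unrelated file that only shares the name
    tail = text.partition(ID_LABEL)[2].split()
    return True, (tail[0] if tail else None)

def triage(root):
    """Read-only walk of root: count *.pozd files per directory, list confirmed notes."""
    encrypted, notes = Counter(), []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if name.lower().endswith(ENCRYPTED_SUFFIX):
                encrypted[dirpath] += 1
            elif name.lower() == NOTE_NAME:
                try:
                    matched, pid = parse_note(full)
                except OSError:
                    continue  # unreadable file: skip it and keep scanning
                if matched:
                    notes.append((full, pid))
    return {"encrypted": dict(encrypted), "notes": sorted(notes)}

def build_sample(root):
    """Constructed sample tree: two encrypted files, one note, one decoy readme."""
    docs, app = Path(root, "docs"), Path(root, "app")
    docs.mkdir(); app.mkdir()
    for name in ("report.docx.pozd", "photo.jpg.pozd"):
        (docs / name).touch()
    (docs / NOTE_NAME).write_text("ATTENTION!\nsupport@fishmail.top\nYour personal ID:\nCONSTRUCTED-ID-0001\n")
    (app / NOTE_NAME).write_text("Install notes for an unrelated program.\n")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        print(triage(tmp))
```

Calling `triage()` on a user profile or a mounted disk image gives a per-directory count of encrypted files; matching the note on its contact addresses keeps unrelated files named `_readme.txt` out of the results.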
