Threat Database Ransomware Redeemer 2.0 Ransomware

Redeemer 2.0 Ransomware

Cybercriminals have released an updated version of a previously identified ransomware threat, the Redeemer Ransmware Trojan.. The new Redeemer 2.0 Ransomware bosts considerably improved threatening capabilities compared to its predecessor. The threat can now infect systems running Windows 11, and its encryption process no longer causes the OS of the impacted devices to become unstable or experience critical damage. Redeemer 2.0 also changed the icons of the documents, PDFs, archives, databases, photos and other files it locks.

The threat appends '.redeem' to the names of the targeted files as a new extension. As for the ransom note detailing the instructions of the attackers, it will be displayed as a message prior to the log-in screen of the system, as well as dropped as a text file named 'Read Me.TXT.'

Redeemer 2.0 Ransomware's message doesn't reveal the exact sum that the hackers are extorting their victims for. It does, however, instruct the affected users to buy at least 10 Monero (XMR) coins, which at the current price of the cryptocurrency is worth around $1600. After making the payment, users are told to contact the attackers via the email addresses found in the note.

The full text of Redeemer 2.0 Ransomware's instructions is:

'Made by Cerebrate - Dread Forums TOR

[Q1] What happened, I cannot open my files and they have changed their extension?
[A1] Your files have been encrypted by Redeemer, a Darknet ransomware operation.

[Q2] Is there any way to recover my files?
[A2] Yes, you can recover your files. This will however cost you money in XMR (Monero).

[Q3] Is there any way to recover my files without paying?
[A3] Without paying it is impossible your files.
Redeemer uses most secure algorithms and a sophisticated encryption scheme which guarantees security.
Without a proper key, you will never regain access to your files.

[Q4] What is XMR (Monero)?
[A4] It is a privacy oriented cryptocurrency.
You can learn more about Monero on
You can view ways to purchase it on

[Q5] How will I decrypt my files?
[A5] Follow the general instructions:
-1. Buy 10 XMR.
-2. Contact:
the following email: OR
the following email:

After you established contact send the following key:



-3. You will receive an XMR address where you will need to pay the requested amount of Monero.
-4. After you pay and the payment is verified, you will receive a decryption tool and a key which will restore all your files and your computer back to normal.'


Most Viewed