Threat Database Ransomware Report Ransomware

Report Ransomware

Analysis of the Report Ransomware threat has confirmed that it is a variant belonging to the Xorist malware family. The threats of this family are designed to lock users out from accessing the data stored on the infected devices. That is why ransomware attacks can be one of the more disruptive and damaging cybersecurity incidents. 

Victims will find themselves unable to access important documents PDFs, databases, archives or other types of files. Typically, the attackers will demand to be paid a certain ransom to assist in the restoration of the victim's data, by sending the required decryption tool and key.

During its active phase, the Report Ransomware will lock the files on the breached system with a military-grade cryptographic algorithm. The threat also will mark each encrypted file by adding '.report' as a new extension. Instructions from the attackers will be dropped on the device as a text file and a pop-up window. 

Ransom Note's Details

Reading the note left by the Report Ransomware is not going to provide the affected users with any useful information. Both the pop-up window and the text file have identical messages claiming that to get their files back users will need to message the email address of the hackers. However, neither note provides said address leaving the victims of the threat without many options. When the delivered instructions seem to be more of a placeholder than an actual ransom note, it is usually a sign that the current versions of the malware threat are being released for test purposes. There is another detail supporting this conclusion - the text file carrying the ransom message doesn't have a proper name. Instead, its name is displayed as a gibberish combination of Latin letters.

The ransom messages delivered by Report Ransomware are:

'All Your data has been Encrypted

If you wanna the public key



or ...


Related Posts


Most Viewed