Rguy Ransomware
Computer users are being threatened by new malware created by using the STOP/Djvu ransomware family as a basis. These powerful ransomware variants retain significant disruptive capabilities via their encryption routines. The Rguy Ransomware is not an exception, as the threat can affect numerous different file types that will be left in a completely unusable state.
Affected users will most likely notice that something has gone amiss after seeing that nearly all of their files now have '.rguy' added to their original names as a new extension. There also should be new text files dropped on the infected system by the threat. These text files named '_readme.txt' will contain a ransom note with instructions from the hackers.
Ransom Note's Overview
The ransom-demanding message provided by the Rguy Ransomware is largely identical to the notes found in other STOP/Djvu attacks. Victims are informed that their files have been locked with a strong encryption algorithm and to restore the data, they will have to pay a ransom of $980 to the cybercriminals. In exchange, the attackers will supposedly provide them with a software tool and the necessary decryption key. Trusting such unscrupulous people is strongly discouraged as users could be exposing themselves to even more security risks.
Other instructions found in the note include the offer to reduce the demanded ransom price by half to $490 by contacting the hackers in the first 72 hours of the ransomware infection. Users also are told that they can attach one encrypted file to be unlocked for free. The two email addresses mentioned in the note are 'support@sysmail.ch' and 'helprestoremanager@airmail.cc.'
The full message left by Rguy Ransomware is:
'ATTENTION!
Don’t worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
https://we.tl/t-bPgv29RUmq
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that’s price for you is $490.
Please note that you’ll never restore your data without payment.
Check your e-mail “Spam” or “Junk” folder if you don’t get answer more than 6 hours.To get this software you need write on our e-mail:
support@sysmail.chReserve e-mail address to contact us:
helprestoremanager@airmail.cc'
