Rivd Ransomware
Analysis of the Rivd Ransomware threat clearly shows that it is another variant belonging to the STOP/Djvu malware family. All threats stemming from the STOP/Djvu Ransomware family follow a nearly identical behavioral pattern but that in no way diminishes their destructive capabilities. Rivd can devastate the computers it infects by locking the files stored there via an uncrackable encryption process. When the threat locks a targeted file, it also appends '.rivd' to that file's original name. Finally, a ransom note with instructions for the victim will be delivered to the compromised machine. The ransom-demanding message will be placed inside a newly created text file named '_readme.txt.'
Rivd Ransomware's Demands
The threat's note reveals that affected users will be extorted for exactly $980 if they want to receive the decryption key and its associated decryption tool from the hackers. The cybercriminals, if they can be believed, offer to reduce that sum in half, with the only requirement being that the victims contact them during the first 72 hours of the ransomware attack. As part of their message, users can also attach a single encrypted file that will is supposed to be unlocked for free and returned.
The entire set of instructions dropped by the Rivd Ransomware is:
'ATTENTION!
Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
hxxps://we.tl/t-CcXGxzXf71
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.To get this software you need write on our e-mail:
manager@mailtemp.chReserve e-mail address to contact us:
supporthelp@airmail.ccYour personal ID:'
