Security researchers have discovered a new ransomware known as Sa58. This threatening software is designed to encrypt files on infected computers, adding the '.sa58' extension to the filenames of all encrypted files. Furthermore, it creates a ransom note in the form of an 'info.txt' file, which contains instructions on how to pay a ransom to the attackers. However, paying the demanded sum does not guarantee that victims will get their data back.
An Overview of Sa58 Ransomware's Demands
Victims of the threat are instructed to pay $500 in Bitcoins to the provided crypto-wallet address within 24 hours. Otherwise, their files will be lost forever. Unfortunately, paying the ransom does not guarantee that the hackers will keep their end of the bargain, so it is not recommended to do so. The most effective way to protect against data loss due to a ransomware attack is to have your files backed up on a remote server or an unplugged storage device. Additionally, it is necessary to eliminate the ransomware from infected devices to prevent further damage.
How do Threats Like the Sa58 Ransomware Infiltrate Devices?
Evil-minded actors are increasingly using various methods to infect computers with ransomware. These include sending corrupted files or links via email and files downloaded from unreliable sources, using fake software updaters and deceptive installers and taking users to websites hosting pirated software or certain Trojan types. Once the ransomware is downloaded and executed, it can begin to encrypt data on the computer.
The full text of the ransom note left by the Sa58 Ransomware is:
'Sad to say, but all your files have been encrypted!
But don't cry, there's the way to recover them - pay 500$ in BTC to this wallet:
You have 24 hours. After them your files will stay unaccessible for next eternity.'