Seto Ransomware
One of the most widespread malware in 2019 is file-encrypting Trojans most certainly, or in other words, ransomware threats. Some ransomware threats are unique and built from scratch, while others tend to be based on the code of established data-encrypting Trojans. Naturally, the former takes much more time and effort so that most cyber crooks go for the latter.
Propagation and Encryption
Such is the case of the Seto Ransomware – one of the most recently spotted ransomware threats on the Web. When researchers studied this threat, they found out that it is yet another variant of the infamous STOP Ransomware. The users reporting that they have become a victim of the Seto Ransomware are piling up. It appears that the creators of this threat have been very successful in propagating their creation. It is not known for sure what are the particular infection vectors linked with the spreading of the Seto Ransomware. Some experts believe that the cyber crooks behind it may have used fraudulent software updates, emails containing infected attachments, and even fake pirated copies of popular applications. Each infected machine will be scanned. This scan is used to determine the locations of the files, which the Seto Ransomware was programmed to target. Then, the Seto Ransomware will trigger the encryption process. The Seto Ransomware will apply an encryption algorithm to all the targeted files and lock them. Every locked file will receive a ‘.seto’ extension. For example, a photo called ‘sunset-hill.jpeg’ will be renamed to ‘sunset-hill.jpeg.seto’ when the encryption process of the Seto Ransomware is completed.
The Ransom Note
In the next step, the Seto Ransomware will drop its ransom note, which is named ‘_readme.txt’ and the message states:
’ ATTENTION!
Don't worry, you can return all your files!
All your files like photos, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
hxxps://we.tl/t-yKBR9rlo6R
or
hxxps://gofile.io/?c=blfjRd
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.
To get this software you need write on our e-mail:
gorentos@bitmessage.ch
Reserve e-mail address to contact us:
gerentoshelp@firemail.cc
Your personal ID:’
As you can see, the ransom fee demanded is $980. However, the authors of the Seto Ransomware claim that all victims who manage to be in contact with them in less than 72 hours after the attack has taken place will get a 50% discount. This means that the ransom fee will be dropped to $490. The creators of the Seto Ransomware insist that the user contacts them via email, and provide two email addresses for this purpose – ‘gorentos@bitmessage.ch’ and ‘gerentoshelp@firemail.cc.’ As proof that they have a functional decryption key, the attackers suggest that the user sends them one file which they will unlock free of charge.
It is always best to stay as far from cybercriminals as you possibly can. Do not trust their promises and do not fall for their tricks. They often tend to leave their victims empty-handed even if they pay up the fee demanded. You should look into obtaining a legitimate anti-spyware application, which will not only remove the Seto Ransomware from your computer but also make sure you do not end up in the same situation in the future.
