Skynetlock Ransomware
The Skynetlock Ransomware is a malware threat that cybercriminals can deploy to lock the data of the targeted victims. Indeed, the primary objective of this malware is to encrypt files, rendering them completely inaccessible.
In addition to encryption, the Skynetlock Ransomware attaches a new extension to the original filenames of the impacted data. The threat will change a file named '1.png' to '1.jpg.skynetlock' after being encrypted. Victims of the Skynetlock Ransomware will be left with a ransom-demanding message in the form of an HTML file named 'How_to_back_files.html.' According to the analysis of the threat, Skynetlock is a variant of the infamous MedusaLocker Ransomware threat.
Skynetlock Ransomware Takes Victims' Data Hostage
The ransom note issued by the attackers to the victims contains a warning message regarding the state of their personal or company network. According to the message, the network has been breached, and all important files have been encrypted using both the RSA and AES encryption algorithms. The attackers go on to warn victims that any attempts to restore their files using third-party software will permanently corrupt them, thus rendering them inaccessible.
In addition to encrypting files, the attackers claim to have accessed highly confidential or personal data that will be made public or sold if the ransom is not paid. To contact the attackers and negotiate the ransom, the note provides a Tor link for the victims to follow.
To prove their ability to decrypt the files, the attackers offer to decrypt a few non-important files for the victims. However, they also warn that the price of decryption will increase if the victims do not contact them within 72 hours.
Users Should Ensure Their Data is Protected against Ransomware Attacks
To protect their data against ransomware attacks, users can take several measures. The first and foremost is to keep their systems and security software up-to-date. It is also essential to exercise caution while browsing the internet and opening email attachments. They should avoid visiting suspicious websites and refrain from clicking on links in emails from unknown or suspicious sources.
Creating data backups regularly is another essential measure to prevent data loss in case of an attack. Backups can be stored offline, and multiple copies of backups can be created to ensure that data is not lost if one backup is compromised.
Educating oneself on ransomware attacks, their variants, and indicators is also crucial to staying safe. Users should stay informed about the latest trends and techniques used by attackers and take appropriate precautions to mitigate the risks.
The ransom note dropped to the victims of Skynetlock Ransomware is:
'YOUR PERSONAL ID:
/!\ YOUR COMPANY NETWORK HAS BEEN PENETRATED /!\
All your important files have been encrypted!Your files are safe! Only modified. (RSA+AES)
ANY ATTEMPT TO RESTORE YOUR FILES WITH THIRD-PARTY SOFTWARE
WILL PERMANENTLY CORRUPT IT.
DO NOT MODIFY ENCRYPTED FILES.
DO NOT RENAME ENCRYPTED FILES.No software available on internet can help you. We are the only ones able to
solve your problem.We gathered highly confidential/personal data. These data are currently stored on
a private server. This server will be immediately destroyed after your payment.
If you decide to not pay, we will release your data to public or re-seller.
So you can expect your data to be publicly available in the near future..We only seek money and our goal is not to damage your reputation or prevent
your business from running.You will can send us 2-3 non-important files and we will decrypt it for free
to prove we are able to give your files back.Contact us for price and get decryption software.
qd7pcafncosqfqu3ha6fcx4h6sr7tzwagzpcdcnytiw3b6varaeqv5yd.onion
Note that this server is available via Tor browser only
Follow the instructions to open the link:
Type the addres "hxxps://www.torproject.org" in your Internet browser. It opens the Tor site.
Press "Download Tor", then press "Download Tor Browser Bundle", install and run it.
Now you have Tor browser. In the Tor Browser open qd7pcafncosqfqu3ha6fcx4h6sr7tzwagzpcdcnytiw3b6varaeqv5yd.onion
Start a chat and follow the further instructions.
If you can not use the above link, use the email:
ithelp02@decorous.cyou
ithelp02@wholeness.businessTo contact us, create a new free email account on the site: protonmail.com
IF YOU DON'T CONTACT US WITHIN 72 HOURS, PRICE WILL BE HIGHER.'
