Solidbit Ransomware
The Solidbit Ransomware threat exists solely to encrypt the data on the computers it is executed. Threat actors can utilize the malware to effectively take the victim's documents, databases, archives and other important files as hostages. To restore the affected data, users need to obtain the necessary decryption keys by paying a ransom to the attackers.
As part of its intrusive actions, the Solidbit Ransomware also will mark the files it locks. It does so by generating a random 4-character string and appending it to the original name of each file. The threat also will leave two different ransom notes on the breached device. One will be displayed as a pop-up window, while the other will be dropped as a text file named 'RESTORE-MY-FILES.txt.'
Ransom Note's Details
The text of the two ransom-demanding messages is different but the more important details are identical. The attackers instruct their victims to visit a dedicated website hosted on the TOR network. Opening the link requires using the TOR browser, so users may need to install it as well. Visiting the page reveals a bit more information. According to it, the threat uses a combination of the AES and RSA cryptographic algorithms in its encryption process. The operators of the Solidbit Ransomware also state that they are willing to demonstrate their ability to restore locked data by decrypting one file for free. The chosen file, however, must be less than 1MB in size.
The ransom note displayed as a pop-up window is:
'SOLIDBIT RANSOMWARE
What happened?
All of your files are currently encrypted by SOLIDBIT ransomware and you cannot decrypt it without our help. If you try to use any additional recovery software - the files might be damaged, so if you are willing to try - try it on the data of the lowest value.
Free decryption as guarantee
To make sure that we REALLY CAN recover data - we offer you to decrypt samples. You can recover all your files safely and easily with us.
How to contact us?
Download Tor Browser - hxxps://www.torproject.org/download/ and install it
Open link in Tor Browser and follow instructions on this page
hxxp://solidtzhq7bfyap2cbewhy4re6n3exzulrdajnpvliiybhvnzh7fseid.onion/loginATTENTION - Tor Browser may be blocked in your country or corporate network.
Use bridges.torproject.org or use Tor Browser over VPN.The text file contains the following message:
SOLIDBIT RANSOMWARE
Аll оf уоur files аrе еncrуptеd bу SOLIDBIT rаnsоmwаrе and you cannot
decrypt it without our help. If you try to use any additional recovery software - the
files might be damaged, so if you are willing to try - try it on the data of the lowest value.To make sure that we REALLY CAN recover data - we offer you to decrypt
samples. You can recover all your files safely and easily with us.Download Tor Browser - hxxps://www.torproject.org/download/ and install it
Open the link below in Tor Browser and follow instructions on this pagehxxp://solidtzhq7bfyap2cbewhy4re6n3exzulrdajnpvliiybhvnzh7fseid.onion/login
Decryption ID:
Solidbit Ransomware's website presents the following information:
Recover all your files safely and easily with SOLIDBIT
What happened?
Many of your documents, databases, videos and other important files are no longer accessible because they have been encrypted. Maybe you are busy looking for a way to recover your files, but do not waste your time. Nobody can recover your files without our decryption service.SOLIDBIT Ransomware uses AES and RSA cryptography algorithms.
How to recover my files?
We guarantee that you can recover all your files safely and easily. You can decrypt a single file for warranty - we can do it. But if you want to decrypt all your files, you need to pay.Write to support if you want to buy decryptor.
Trial decryptYou can decrypt a single file for warranty - we can do it.
Select ecrypted file
Max size: 1mb
CHAT WITH SUPPORT'
