Threat Database Ransomware Stepik Ransomware

Stepik Ransomware

The Stepik Ransomware targets numerous file types and then renders them unusable via a strong encryption process. As a typical ransomware threat, Stepik then tries to extort its victims for money if they want to restore access to their personal or business-related files. Ransomware has been among the more prevalent malware threats for a while now, and infosec researchers are detecting more and more threats and variants in the wild. Some other ransomware examples are the Rugi Ransomware, the IRFK Ransomware and the Hep Ransomware.

Details

As part of its unsafe operations, the Stepik Ransomware will mark all locked files. It does so by modifying the targeted files' original names. Victims will notice that most of the files stored on the compromised systems now have '.stepik' appended as a new file extension. The threat will also drop a file with instructions from the attackers. Known as a ransom note, this message will be contained inside a file named 'RESTORE_FILES_INFO.txt.'

Ransom Note's Overview

The ransom-demanding message of the Stepik Ransomware is rather brief. It lacks some of the usual details found in the ransom notes deliver by other threats of this type. Stepik doesn't mention the sum of the demanded ransom or if users will need to pay the money while using a specific cryptocurrency. The note simply directs all affected users to install the TOR browser and create an email account with the specified email provider. Afterward, they should establish contact with the Stepik Ransomware hackers by sending a message to the two provided email addresses - 'steriok12132@tutanota.com' and 'KukaJamba@tutanota.com.'

The full text of the note is:

'all your important files are encrypted!
Any attempts to restore your files with the thrid-party software will be fatal for your files!
RESTORE YOU DATA POSIBLE ONLY BUYING private key from us.
There is only one way to get your files back:
WARNING: 1) install the tor browser (hxxps://www.torproject.org/download)
2)Сreate new email on servis hxxps://mail.tutanota.com/login for contact !
write me on steriok12132@tutanota.com or KukaJamba@tutanota.com

Key Identifier:'

Trending

Most Viewed

Loading...