Threat Database Ransomware Surtr Ransomware

Surtr Ransomware

The Surtr Ransomware is a threatening malware, which main goal is to encrypt files and then extort money from its victims by promising to decrypt the blocked files. The Surtr Ransomware is spread using a Ransomware as a Service (RaaS) model and may be very harmful. The Surtr Ransomware can block a large number of file types and the powerful encryption algorithm it uses ensures that the blocked data will not be recovered without a decryption key.

The Surtr Ransomware follows the typical ransomware threats behavior. It appends the name of every encrypted file with a new file extension - '.Surt' in this case, and then drops two ransom notes on the affected computer in the form of files named SURTR_README.txt, SURTR_README.hta.

Surtr Ransomware's Demands

One of the ransom notes states that the victims may pay half of the decryption software's price if they make contact within 15 days and double if they do not obey this timeframe. The "SURTR_README.hta" ransom note also threatens the victims claiming that their files will be released online if they do not pay a ransom and attempts to rename files or use third-party decryption programs may end up in permanent data loss.

The ransom note mentions two email addresses that can be used as communication channels - '' and '' It also clarifies that victims can send three files to the attackers that will be decrypted for free.

The full text of the note is:



Notice : There is only one way to restore your data read the boxes carefully!

Attention :

☢ Do Not change file names.
☢ Do Not try to decrypt using third party softwares , it may cause permanent data loss .
☢ If you do not pay the fee within one month , your important files will be published in our public belog .

☢ Do not pay any money before decrypting the test files.
☢ You can use our 50% discount if you pay the fee within first 15 days of encryption . otherwise the price will be doubled.
☢ In order to warranty you , our team will decrypt 3 of your desired files for free.but you need to pay the specified price for the rest of the operation .

How To Decrypt :

☢ Your system is offline . in order to contact us you can email this address use this ID (0uUO3jsQBIbkZu) for the title of your email .
☢ If you weren't able to contact us within 24 hours please email :
☢ If you didn't get any respond within 48 hours use this link (Not Available Now).send your ID and your cryptor name (SurtrRansomwareUserName) therefore we can create another way to contact you as soon as possible.'

Related Posts


Most Viewed