
Taleb Ransomware

The Taleb Ransomware is a new variant from the VoidCrypt malware family. Although it lacks any meaningful improvements over the typical VoidCrypt Ransomware threat, the potential of the Taleb Ransomware to cause damage should not be underestimated. The threat is capable of encrypting a large array of file types, rendering them both inaccessible and unusable. The hackers behind the threat then extort their victims for money in exchange for the decryption key and tool that could potentially restore the files.

When the Taleb Ransomware encrypts a file, it also changes that file's original name drastically. First, the threat appends a 'monito001@aol.com' email address, then it adds a string of random characters, and finally, it puts '.Taleb' as a new file extension. The ransom note of the threat is then delivered to the breached device as a text file named 'Read-this.txt'.

According to the note, the first step that victims should take is to locate a specific file that the threat has created on their systems. The file is named 'prvkey.txt.key' and should be located in C:\ProgramData. If it isn't there, users should look on their other drives, because without this file, restoration of the encrypted data will be impossible.

Next, they should send the file to the cybercriminals as a message to the provided email addresses - monito001@aol.com and monito001@mailfence.com. Victims can also attach a single locked file that is less than 1MB in size to be decrypted for free.

The full text of the ransom note is:

'All Your Files Has Been Encrypted

You Have to Pay to Get Your Files Back

1-Go to C:\ProgramData\ or in Your other Drives and send us prvkey.txt.key file

2-You can send some file little than 1mb for Decryption test to trust us But the test File should not contain valuable data

3-Payment should be with Bitcoin

4-Changing Windows without saving prvkey.txt.key file will cause permanete Data loss

Our Email:monito001@aol.com

in Case of no Answer:monito001@mailfence.com.'
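
The file-system indicators described above (the '.Taleb' extension with the contact address in the file name, the 'Read-this.txt' note, and the 'prvkey.txt.key' file the note says must be preserved) can be swept for during triage. The following is an added example, not code from the original page: the function names and the sample file names in `demo()` are constructed, and because the page does not give the exact separators used in renamed files, the match only checks that the email address is present.

```python
import os
import tempfile
from pathlib import Path

# Indicators taken from the description above (compared case-insensitively).
CONTACT_EMAIL = "monito001@aol.com"
LOCKED_EXT = ".taleb"
NOTE_NAME = "read-this.txt"
KEY_NAME = "prvkey.txt.key"

def classify(name):
    """Return the indicator class for a file name, or None if it matches nothing."""
    lower = name.lower()
    if lower == KEY_NAME:
        return "key_file"        # preserve a copy before any reimaging
    if lower == NOTE_NAME:
        return "ransom_note"
    if lower.endswith(LOCKED_EXT):
        # Separators around the address and random string are not documented
        # on the page, so only the presence of the address is checked.
        return "locked_file" if CONTACT_EMAIL in lower else "locked_ext_only"
    return None

def triage(root):
    """Walk root and group matching paths by indicator class."""
    hits = {"key_file": [], "ransom_note": [], "locked_file": [], "locked_ext_only": []}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            kind = classify(name)
            if kind:
                hits[kind].append(os.path.join(dirpath, name))
    return hits

def demo():
    """Run triage over a constructed directory tree (all sample names are made up)."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for d in ("ProgramData", "Users"):
            (root / d).mkdir()
        for rel in ("ProgramData/prvkey.txt.key", "Users/Read-this.txt",
                    "Users/report.docx[monito001@aol.com][A1B2C3].Taleb",
                    "Users/notes.Taleb", "Users/budget.xlsx"):
            (root / rel).write_bytes(b"")
        return {k: sorted(os.path.basename(p) for p in v) for k, v in triage(root).items()}

if __name__ == "__main__":
    print(demo())
```

On a real host, call `triage()` on each mounted drive root and copy any `key_file` hit to offline storage before remediation.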
