Tojh Ransomware
The Tojh Ransomware is a variant from the prolific STOP/Djvu malware family. This particular malware strain has been extremely popular among cybercriminals for a while now, and infosec researchers continue to uncover more threatening variants created from it. Even though Tojh lacks any improvements over other threats from the STOP/Djvu Ransomware family, that doesn't make it any less threatening.
If executed successfully on the targeted computers, the Tojh Ransomware will target most of the data stored on them and encrypt it with an uncrackable cryptographic algorithm. Victims will be unable to access any of the encrypted files. They also will notice that each impacted file has been marked by having '.tojh' attached to its original name. A ransom note with instructions from the threat actors will be dropped on the infected system as a file named '_readme.txt.'
According to the Tojh Ransomware's message, victims have to pay a ransom of $980. However, those who contact the hackers within the first 72 hours will supposedly have to pay only half of that initial amount. Victims also are told that they can send one file to be decrypted for free. The threat's ransom note provides two email addresses - 'restorealldata@firemail.cc' and 'gorentos@bitmessage.ch,' and a Telegram account at '@datarestore' as potential communication channels
The full text of the ransom note is:
'ATTENTION!
Don't worry, you can return all your files!
All your files like photos, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
https://we.tl/t-WbgTMF1Jmw
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.To get this software you need write on our e-mail:
restorealldata@firemail.ccReserve e-mail address to contact us:
gorentos@bitmessage.chOur Telegram account:
@datarestoreYour personal ID:'
