Uyjh Ransomware
The Uyjh Ransomware is a malware variant belonging to the STOP/Djvu Ransomware family. Despite having few unique features, the threat's destructive capabilities remain significant. The data found on each successfully breached device will be subjected to an encryption routine and rendered unusable subsequently. The goal of the attackers is to then extort money from their victims, in exchange for assisting in the restoration of the locked files.
What separates this threat from the countless other STOP/Djvu variants, is the file extension it utilizes to mark the files it encrypts. Indeed, victims will notice that their documents, PDFs, pictures, photos, databases, archives, etc., all have '.uyjh' appended to their original names. Finally, a ransom note with instructions will be delivered to the infected machine. This ransom-demanding message will be found inside a text file named '_readme.txt.'
Ransom Note's Details
For the most part, the ransom note of the Uyjh Ransomware follows the pattern typically observed in STOP/Djvu threats. The hackers state that they demand to be paid a ransom of $980, but are willing to cut the price down by 50% to $490. The single listed requirement is for the victims of the attack to contact them at some point during the first 72 hours. Two email addresses can be used - 'support@sysmail.ch' is the main one and 'helprestoremanager@airmail.cc' is described as a reserve email. Affected users are apparently allowed to send one encrypted file to the attackers. After verifying that it doesn't contain any important information, the hackers are supposedly going to return it to its original state for free.
The entire set of instructions left by Uyjh Ransomware is:
'ATTENTION!
Don’t worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
https://we.tl/t-bPgv29RUmq
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that’s price for you is $490.
Please note that you’ll never restore your data without payment.
Check your e-mail “Spam” or “Junk” folder if you don’t get answer more than 6 hours.To get this software you need write on our e-mail:
support@sysmail.chReserve e-mail address to contact us:
helprestoremanager@airmail.cc'
