v315 Ransomware Description
The v315 Ransomware is a potent crypto locker threat that, according to the infosec researchers who have analyzed it, is a variant based on the Jigsaw Ransomware. Functionally, the v315 Ransomware displays little deviation from the other variants of the family. The v315 Ransomware aims to sneak itself onto the targeted computer, encrypt the user's files, and demand payment of a ransom for their restoration.
This particular threat claims to encrypt .png, .doc, and .txt files mainly, but various other file types also are affected. The original filename of each encrypted file will be modified to include '.v315' as a new extension. The ransom note with instructions for the victims is delivered in an elaborate pop-up window with multiple tabs.
The pop-up window has six different tabs, each serving a separate function. The first one, named 'Instructions,' contains the main message from the hackers. Apparently, victims of the v315 Ransomware will have to pay the sum of $70 delivered in Bitcoins to the provided cryptocurrency wallet address. At the current Bitcoin price, the ransom amount is equal to around 0.0050 BTC, but the exchange rate is notorious for being incredibly inconsistent. To push the users further into obeying their instructions, the criminals threaten to delete 1000 files if any attempts to remove the v315 Ransomware from the infected computer system are made. Users are also warned to check the 'Rules' tab if they want to avoid any other 'punishments.' Breaking the rules imposed by the hackers is not the only time when files will be deleted - the 'Timer' tab contains a countdown that when finished will result in one file being deleted. The 'Bitcoin' tab has instructions on acquiring and sending bitcoin while the last tab named 'Decrypt' contains the hackers' wallet address.
While the criminals behind the v315 Ransomware do not demand an excessive amount of money, users should still abstain from sending any amount of money as the funds will only be used to support future illegal activities.
The main message displayed by the v315 Ransomware is:
'Welcome. If you are reading this you are probably wondering what happened to your computer, so let me explain. All your private .png .doc .txt... files have been encrypted and there is no way to get them back other than by paying the relatively small price of 70 USD. Also remember that any attempt to disable or delete the virus will be punished with the removal of 1000 encrypted files from your device.
Of course, if you want to avoid punished, I would advise you to enter the RULES tab which will appear after finishing the dialogue
Remember also that after a limited time, a specific number of files will be deleted automatically. If you want to see how much time you have (The number of files deleted will gradually increase over time),enter the tab that will appear after completing the dialogue.
You can rest assured that the program does not spread to other devices, it only attacks those who launch the fake application.
Summing up, remember to not to turn off or restart your computer, your files can be decrypted by our program, the maximum number of deleted files can be 1000, payment can only be in bitcoins and remember to load the RULES tab, that's all about it.
So now let's start the real destruction.'