V3JS Ransomware
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 100 % (High) |
| Infected Computers: | 1 |
| First Seen: | January 19, 2011 |
| Last Seen: | November 11, 2020 |
| OS(es) Affected: | Windows |
The V3JS Ransomware is a threatening malware that can lock users out of their own computers. The V3JS Ransomware exploits a powerful encryption algorithm to render nearly all of the files present on the compromised devices inaccessible and unusable. Indeed, the consequences could be dire if the affected data had significant personal value or is related to important work projects. The main targets of the V3JS Ransomware appear to be users from Poland, as the ransom note delivered by the threat is written in Polish. The criminals are not picky, though, and they have included an English translation.
Unlike most ransomware threats, the V3JS Ransomware does not change the names of the files it encrypts in any way. This means that there is no new extension attached to the files. As for the ransom note, it is delivered in an interactive pop-up window. There the criminals state that they demand the sum of 40 Euros paid in Bitcoin to be sent to their cryptocurrency wallet address. The pop-up window includes a 'DECRYPT FILES' button and a countdown timer placed right below it. There is no additional information about what will happen when the timer runs out.
The original text of the note displayed in V3JS Rasnomware's pop-up window is:
'EN:
OJ YOUR PRIVATE FILES WERE SUBJECTED TO AN ENCRYPTION PROGRAM. TO RESTORE YOUR FILES YOU HAVE TO PAY 40 EURO IN BITCOINS. IF YOU NEED HELP, VISIT THE WEBSITE: hxxps://www.bitcoin.com/get-started/how-do-i-send-and-receive-bitcoin/. REMEMBER THAT EVERY ATTEMPT TO DELETE THE PROGRAM WILL BE PUNISHED. ALSO BE SURE NOT TO TURN OFF OR RESTART YOUR COMPUTER BECAUSE THIS RISK OF DATA DELETION.
PL:
OJ TWOJE PRYWATNE PLIKI SOSTAŁY PODDANE PROGRAMOWI SZYFRUJĄCEMU. ABY PRZYWRUCIĆ TWOJE PLIKI MUSISZ ZAPŁACIĆ 40 EURO W BITCOINACH. JEŚI POTRZEBUJESZ POMOCY WEJDŹ NA STRONE: hxxps://www.bitcoin.com/get-started/how-do-i-send-and-receive-bitcoin/. PAMIĘTAJ ZE KAŻDA PRÓBA USUNIĘĆA PROGRAMU BĘDZIE KARANA. PAMIĘTAJ RÓWNIEŻ ABY NIE WYŁĄCZAĆ ANI RESTARTOWAĆ KOMPUTERA PONIEWAŻ GROZI TO USUNIĘCIEM DANYCH.
BITCOIN WALLET
1BoatSLRHtKNngkdXEeobR76b53LETtpyT.'
