V4cnyy Ransomware

The V4cnyy Ransomware is a threat designed to lock the files of its victims and then extort them for money. The malware can affect a wide array of file types and the used strong encryption algorithm ensures that it will not be feasible to restore the affected files without the right decryption key possessed by the attackers. While V4cnyy follows the typical behavior expected from a ransomware threat largely, certain signs point out that it may be in the testing stage of its development currently. It also appears to be targeting Russian-speaking users specifically.

During its encryption process, V4cnyy will change the names of the affected files by appending '.v4cnyy' to them as a new extension. The threat will then create a text file named '-Инструкция.txt' on the breached system. Translated from Russian the name means Instruction and is clearly intended to contain the ransom note of the threat. However, in the current versions of V4cnyy, the file is empty completely.

Users will still be presented with a ransom note, of sorts. Indeed, V4cnyy will generate a message that will be displayed before the system's log-in screen. The message is again written completely in Russian. It doesn't mention the encryption of the victim's files or make any demands. It simply states that users should reach out to V4cnyy Ransomware's operators by sending a message to the 'cyber@outlookpro.net' email address.

The full text of the message in its original Russian is:

'Внимание Внимание Внимание!!!

Добрый день. У Вас возникли сложности на работе?
Не стоит переживать, наши IT-специалисты помогут Вам.
Для этого напишите пожалуйста нам на почту.

Наш email - cyber@outlookpro.net

Хоросего и продуктивного для!'