Venolock Ransomware

The Venolock Ransomware is designed to lock victims out from accessing their own data. The threat achieves its threatening purpose by running an encryption routine on the breached devices. The targeted files may include databases, archives, documents, PDFs, photos and many other file types. The underlying code of the threat indicates that Venolock is a variant belonging to the ZEPPELIN Ransomware family.

The files encrypted by the threat will have their original names modified via the addition of a '.vn2,' followed by an ID string generated specifically for the victim. When all target data has been locked, the Venolock Ransomware will drop a ransom-demanding message to the desktop of the system. The ransom note will be contained inside a text futilely named 'ALL YOUR FILES ARE ENCRYPTED.txt'

Apparently, the only ransom payments that the operators of the Venolock Ransomware will accept are those made using the Bitcoin cryptocurrency. The note doesn't mention the exact size of the demanded ransom. However, it does state that victims can message the 'venolockdate1@rape.lol' and 'venolockdate1@rape.lol' email addresses, as a way to reach the cybercriminals. Victims can attach one encrypted file to their message to be decrypted for free. The chosen file must not contain any databases or be in the XLS and XML formats.

The full text of Venolock's ransom note is:

'ALL YOUR FILES ARE ENCRYPTED

***All your data has been compromised. Documents, photos, databases and other important files are encrypted.

***You cannot decipher them yourself! The only method for recovering files is by purchasing a unique private key. Only we can provide you with this key and only we can restore your files.

***The decryption key fee is charged only in bitcoins, we CAN assist in buying bitcoins by giving instructions on how and where to buy.

***In case of non-payment, all data will be put up for auction on the darknet. Beware of data leaks.

***To make sure we have a decryptor and it works, you can send an email to venolockdate1@rape.lol or venolockdate1@rape.lol and decrypt one not important file for free, DO NOT send files containing databases, any XLS / XML documents for the test.

***Beware of dishonest middlemen. as well as buying a decryption key through intermediaries increases the final cost of the key.

***Do you really want to restore your files?
Write to email: venolockdate1@rape.lol
Your personal ID: -

Attention!

Do not rename encrypted files.

Do not try to decrypt your data using third party software, it may cause permanent data loss.

Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a scam.'