VietnamPav Ransomware

VietnamPav is a ransomware threat that can render targeted filetypes unusable by encrypting them with a strong cryptographic algorithm. Victims will be left scrambling to regain access to their documents, PDFs, archives, databases, etc. The goal of the attackers is to then use the locked files as hostages and extort their victims for money in exchange for the potential restoration of the data.

Whenever the VietnamPav Ransomware locks a file, it changes that file's original name completely. It substitutes it with a random string entirely, followed by the '.encrypted' extension. Upon finishing its encryption process, the threat will create a 'How to restore files.hta' file on the desktop of the compromised system. This file contains the threat's ransom note.

Demands' Overview

The instructions left to the victims are short relatively. The hackers mention that the ransom must be transmitted using the Bitcoin cryptocurrency but the exact sum is not revealed. The note does mention that the amount of the ransom will be based on how fast victims establish contact with the attackers. For that purpose, affected users are left with a single email address as a communication channel - 'zitenmax@rambler.ru.'

Ransomware threats are extremely threatening and becoming a victim of one can have devastating consequences. Still, entering into negotiations with the unscrupulous people behind the attack could potentially expose users to even more security risks. Not to mention that there are no guarantees that all of your data will be restored successfully, even if you meet the demands of cybercriminals.

The full text of the note is:

'All Files Encrypted !!!! - VietnamPav

You ID:

You have to pay for decryption in Bitcoins. The price depends on how fast you write to us. After payment we will send you the decryption tool that will decrypt all your files.If you want to restore them, write us to the

Mail: zitenmax@rambler.ru.'