Vn_os Ransomware

Vn_os Ransomware Description

A new ransomware threat has been discovered in the wild. Named Vn_os, it operates as a typical representative of this malware subset. Compromised systems are subjected to an encryption routine that locks the files stored there. Afterward, the affected users are extorted for money in exchange for the potential restoration of the encrypted data. Each locked file will have its original name modified by the addition of 'vn_os' as a new file extension. As for its ransom note, the threat delivers an identical message in two different forms - placed inside text files named '_RECOVER__FILES.vn_os.txt' and in a pop-up window.

The ransom note is rather short but it does provide several important details. Apparently, the hackers want to receive 1 Bitcoin, which even after the recent crash in the price of the cryptocurrency is still equal to a massive sum of over $33,000. The money must be transferred to the specified crypto-wallet address. Victims are then supposed to send the transaction ID to an email address under the control of the hackers - vnhack@protonmail.com.

The full text of the ransom note delivered by Vn_os Ransomware is:

'Your files (count: *) have been encrypted!
In order to recover your data…
Please send 1 Bitcoin(0.5) to the following BTC address:
18qPmNpugTaE3fUWhGbtHqZ6SzYjsGkTJZ
Next, E-mail your transaction ID to the following address:
vnhack@protonmail.com
.'