Wdlo Ransomware

Wdlo Ransomware Description

The Wdlo Ransomware infects computers and executes an encryption routine with an uncrackable cryptographic algorithm. As a result, the breached machine will have nearly all of the data stored on it left in a completely unusable state. The victims will lose access to important documents, databases, archives, images, PDFs and more. The cybercriminals will exploit the locked files and extort their victims for money. It should be noted that the Wdlo Ransomware is not a unique threat. In fact, it is yet another threatening variant created from the STOP Djvu Ransomware family, but this fact doesn't diminish its destructive potential.

Affected users or companies will notice that all locked files have had their original names modified by the malware. More specifically, each file will now carry '.wdlo' as a new file extension. Furthermore, a new text file will be created on all compromised devices. The file will be named '_readme.txt' and its purpose is to contain the ransom note with instructions from the hackers.

Ransom Note's Details

Reading the message left by the cybercriminals reveals that they demand to be paid a ransom of $980. After receiving the money, they 'promise' to send a software tool and the decryption key needed for the restoration of the files. To make their demands more palatable, the hackers give their victims the opportunity to reduce the demanded sum by 50%. The only mentioned requirement is that victims must have established communication with the attackers at some point during the first 72 hours of the malware infection. Two email addresses can be used for this purpose. The main one is 'support@sysmail.ch,' while 'supportsys@airmail.cc' serves a reserve role.

The full text of the note is:

'ATTENTION!

Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
hxxps://we.tl/t-0S984cQ4B3
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.

To get this software you need write on our e-mail:
support@sysmail.ch

Reserve e-mail address to contact us:
supportsys@airmail.cc

Your personal ID:'