Wwhu Ransomware
Wwhu is a type of malware that falls into the category of ransomware. This means that it was specifically designed to encrypt data and prevent victims from accessing it. Upon infecting a system, the Wwhu Ransomware renames all files on the victim's computer by appending the extension '.wwhu' to their original names. For example, '1.jpg' would be renamed to '1.jpg.wwhu' and '2.doc' to '2.png.wwhu.' The ransomware also drops a ransom note titled '_readme.txt' on the victim's computer.
The Wwhu Ransomware has been identified as a variant of the STOP/Djvu Ransomware family, which is known for its continued usage among cybercriminals. Threat actors often distribute variants of the STOP/Djvu Ransomware alongside information stealers like RedLine and Vidar. It is important for users to be informed about these threats and take appropriate measures to protect their systems.
Victims of the Wwhu Ransomware Lose Access to Their Files and Data
The Wwhu Ransomware leaves victims with a ransom note titled '_readme.txt' after encrypting their files. The note contains contact and payment details for victims who wish to obtain the decryption tools needed to recover their data. Victims are encouraged to contact the attackers within 72 hours to take advantage of a discounted ransom amount of $490 instead of the regular price of $980.
The note emphasizes that without the decryption tools, recovering encrypted files is not feasible. In addition, the attackers offer to decrypt a single file for free as proof of their ability to restore all impacted data. The note provides two email addresses, 'support@freshmail.top' and 'datarestorehelp@airmail.cc,' as potential communication channels.
It is worth noting that victims of ransomware attacks usually cannot decrypt their data without assistance from the cybercriminals. However, paying the ransom demanded by these criminals is not recommended, as victims may not receive the decryption tools even after payment and could be subjected to various scams.
Don't Take Chances with the Security of Your Devices and Data
Protecting your devices from malware threats is becoming more and more important. There are several effective measures that can help users minimize the chances of becoming victims of cyber threats:
- Keep Software Updated: Make sure to update your operating system, software applications, and security programs to patch vulnerabilities.
- Use Strong Passwords: Create complex, unique passwords for your accounts and devices. Consider a password manager for convenience.
- Enable Two-Factor Authentication (2FA): Activate 2FA wherever possible to apply an extra coat of security to your logins.
- Exercise Caution with Email: Be cautious about accessing email attachments or links, especially from unknown sources.
- Backup Your Data: Implement automated and secure data backups. Store backups offline or in a separate location to protect against ransomware.
- Educate Yourself: Look for information about the latest ransomware threats and phishing tactics. Awareness is key to avoiding attacks.
- Avoid Paying Ransoms: Refrain from paying ransoms, as there are no guarantees of data recovery, and it supports cybercriminals.
By following these measures, the risk of falling victim to ransomware attacks will be a lot lower, and you will be able to protect your data and devices better.
The text of the ransom note dropped by Wwhu Ransomware is:
'ATTENTION!
Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
hxxps://we.tl/t-xoUXGr6cqT
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.To get this software you need write on our e-mail:
support@freshmail.topReserve e-mail address to contact us:
datarestorehelp@airmail.ccYour personal ID:'
