
ZaCaPa Ransomware

By GoldSparrow in Ransomware

The ZaCaPa Ransomware is distributed through infected email attachments, illicit cracking tools or other dubious sources on the Internet. Users whose machines have been infected with the ZaCaPa Ransomware cannot access certain files because the program has encrypted them. Victims are asked to pay a ransom to get a decryption key. A characteristic feature of the ZaCaPa Ransomware is that it appends the ".ZaCaPa" extension to all locked files. The ransom note is displayed in a pop-up window that appears on the user's screen as soon as the ZaCaPa Ransomware has finished the encryption. It is also dropped as a text file named "HOW TO DECRYPTS FILES.txt" in each compromised folder.

The ransom note explains that the users have become victims of a ransomware attack and that all their files are therefore locked. To get the data back, they must transfer 0.1 BTC (equivalent to USD 1,100 currently) to a specified Bitcoin wallet. The malware operators ask the victim to contact them after paying the ransom at one of their email addresses, zacapa2020@protonmail.com or zacapa@tuta.io. The ZaCaPa Ransomware assigns a unique ID number to each infected computer, and the victim is told to put that number in the email's subject line.

The ZaCaPa Ransomware is a malware threat that researchers attribute to the Xorist Ransomware family.
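
The two file-system indicators described above, the ".ZaCaPa" extension and the "HOW TO DECRYPTS FILES.txt" note, are enough to scope which folders and file types were hit on a suspect volume. The Python script below is an added example, not part of the original entry; its function names are illustrative, and matching the indicators case-insensitively is an assumption.

```python
import os
import sys
from collections import namedtuple

# Indicators taken from the description above, lower-cased for comparison.
LOCKED_EXT = ".zacapa"                   # appended to every locked file
NOTE_NAME = "how to decrypts files.txt"  # ransom note dropped in each folder

FolderHit = namedtuple("FolderHit", "path note_present locked_files")


def scan_tree(root):
    """Walk root and return a FolderHit for each folder showing either indicator."""
    hits = []
    # Unreadable directories are skipped rather than aborting the scan.
    for dirpath, _dirs, filenames in os.walk(root, onerror=lambda err: None):
        locked = sorted(f for f in filenames if f.lower().endswith(LOCKED_EXT))
        note = any(f.lower() == NOTE_NAME for f in filenames)
        if locked or note:
            hits.append(FolderHit(dirpath, note, locked))
    return hits


def original_name(locked_name):
    """Strip the appended extension to recover the pre-encryption file name."""
    if locked_name.lower().endswith(LOCKED_EXT):
        return locked_name[:-len(LOCKED_EXT)]
    return locked_name


def summarize(hits):
    """Return (folders_with_note, locked_file_count, counts_by_original_extension)."""
    by_ext = {}
    for hit in hits:
        for name in hit.locked_files:
            ext = os.path.splitext(original_name(name))[1].lower() or "(none)"
            by_ext[ext] = by_ext.get(ext, 0) + 1
    notes = sum(1 for hit in hits if hit.note_present)
    locked = sum(len(hit.locked_files) for hit in hits)
    return notes, locked, by_ext


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "."
    found = scan_tree(target)
    for hit in found:
        print(f"{hit.path}: note={hit.note_present} locked={len(hit.locked_files)}")
    notes, locked, by_ext = summarize(found)
    print(f"{notes} folder(s) with note, {locked} locked file(s), by type: {by_ext}")
```

Run it against a mounted copy or a read-only image of the affected disk; the per-extension counts show which data needs to be restored from backup.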
