Zazas Ransomware
When computer users open spam emails' attachments, they may open a path for unwanted and even threatening applications. The Zazas Ransomware, a member of the Babuk Ransomware family, is one of the threats that can infect a computer via these shady methods. The developers of ransomware threats also may use exploit kits, corrupted websites and advertisements, and numerous tricks to invade a machine.
The Zazas Ransomware, like any ransomware threat, is a program used by cybercriminals to enter a computer, scan the machine to find the files (such as PowerPoint, Excell, Word, videos, PDF, pictures, music, etc.) that match a list created by its developers and encrypt these files. The infected files will receive a new file extension '.zazas, which makes them easily identifiable. When the encryption of the files is complete, the Zazas Ransomware will create and display a file named “How to Restore Your Files. Txt' on the victims' desktop.
The ransom note exhibited by the Zazas Ransomware reads:
'!!! ALL YOUR FILES ARE ENCRYPTED !!!
All your files, documents, photos, databases and other important files are encrypted.
You are not able to decrypt it by yourself! The only method of recovering files is to purchase an unique private key from us.
Only we can give you this key and only we can recover your files.To be sure we have the decryptor and it works you can send an email and we will decrypt one file for free.
But this file should be not valuable!We also download important files,databases and emails. If you are not going to pay we will dump all on internet.
Do you really want to restore your files?
Write to email: batmobilerat@protonmail.com
Attention!
* Do not rename encrypted files.
* Do not try to decrypt your data using third party software, it may cause permanent data loss.
* Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a scam.'
As we can see, except for the email address to contact the cybercriminals, batmobilerat@protonmail.com, the ransom note does not provide too much information. However, the main point to be observed is that it is not recommended to contact these people or pay the ransom. The best way to handle a ransomware infection is to restore the encrypted files from a backup or try to find another way to get the files back.
