ZEUS Ransomware
A new threat that is being tracked as the ZEUS Ransomware is another threatening variant based on the Chaos Ransomware strain. The ZEUS Ransomware is capable of impacting numerous file types - documents, archives, databases, images, PDFs, etc. The threat will create a different random 4-character string and append it to the original names of the locked files. A ransom note with instructions will then be delivered to the infected devices as a text file named 'read_it.txt.' The default desktop wallpaper of the infected systems also will be switched to a new one carried by the malware.
The message inside the text file and the one shown as a desktop background are both written in Indonesian and lack any translations into other languages. This is a significant sign that the operators of the ZEUS Ransomware may be heavily focused on targets from that region. The attackers' message provides several, different communication channels that victims can use to establish contact. The ransom messages mention two email addresses at 'zeussec1337@gmail.com' and 'ANONSEC4444@GMAIL.COM,' a Facebook account at 'zeussec1337,' and a Telegram account at '@ZeusSec1337.'
The full ransom note found inside the text file is:
'OPPS FILE ANDA DI ENKRIPSI BY RANSOMWARE ZEUS UNTUK MENGEMBALIKAN FILE ANDA
CONTACT SAYAEMAIL:zeussec1337@gmail.com
FACEBOOK:hxxps://www.facebook.com/zeussec1337
TELEGRAM:@ZeusSec1337'
The ZEUS Ransomware desktop background shows the following message:
'OPPS FILE ANDA DI ENKRIPSI!!!
APA YANG TERJADI? FILE ANDA TELAH DI ENKRIPSI OLEH RANSOMWARE MILIK SAYA YANG TIDAK SENGAJA ANDA DOWNLOAD DARI INTERNET. BAGAIMANA MENGEMBALIKAN FILE SAYA? JANGAN PANIK CUKUP KONTAK SAYA DI SINI ANONSEC4444@GMAIL.COM SAYA AKAN MEMBANTU ANDA MENGEMBALIKAN FILE ANDA DENGAN CEPAT JANGAN INSTALL ULANG KOMPUTER ANDA JIKA ANDA TIDAK INGIN TERJADI KERUSAKAN PADA HARDWARE KOMPUTER PENGEMBALIAN KOMPUTER INI GRATIS INI TERJADI KARENA PENYALAHGUNAAN RANSOMWARE KAMI
RANSOMWARE DI DISTRIBUSIKAN OLEH:#KOMUNITAS HACKER INDONESIA
RANSOMWARE ZEUS'
ZEUS Ransomware Video
Tip: Turn your sound ON and watch the video in Full Screen mode.
