Znsm Ransomware
Samples of the Znsm Ransomware classify it as a file encryptor Trojan and a variant of the STOP/ Djvu Ransomware. Users are typically infected by the Znsm Ransomware via spam emails, infected email attachments, corrupted advertisements, torrent websites, websites distributing pirated content, etc. The Znsm Ransomware encrypts standard data formats and alters filenames to include the '.znsm' file extension. For example, 'La Dolce Vita.mp3' is renamed 'La Dolce Vita.mp3.znsm.'
Victims of the Znsm Ransomware, like other STOP/Djvu family members, are asked to pay the sum of $980 if they want to receive the decryption tool that is in the criminals' possession. To make the payment of the ransom a bit more attractive, the criminals claim that the price will be cut in half to $490 if the victims contact them within the first 72 hours after the infection. For this purpose, two email addresses are provided - support@freshmail.top and datarestorehelp@airmail.cc. The hackers also allow victims to include a single file in the email message, which will be decrypted for free, as proof that they have the means to recover the damaged data.
The ransom note will be displayed on the desktop in the form of a simple text file named '_readme.txt' that reads:
'ATTENTION!
Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
hxxps://we.tl/t-OKSOfVy04R
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.
To get this software you need write on our e-mail:
support@freshmail.topReserve e-mail address to contact us:
datarestorehelp@airmail.ccYour personal ID:'
You should disinfect the compromised machine using a proven anti-malware application and avoid paying the ransom demanded by the cybercriminals. The people behind the Znsm Ransomware and similar threats should not be trusted. You may agree to pay a costly ransom to a Bitcoin wallet address and end up losing your money without receiving the decryption tool. PC security analysts believe that the STOP/Djvu Ransomware campaign will not slow down, and countless other variants of this threatening family will still infect computers all around the world. They also remind victims that ransom payment is never a good idea.
