Hip1 Ransomware Appends Complex Extension

ransomware

Hip1 is the name of a new ransomware variant that was spotted in the wild in late August 2022. The new strain belongs to the family of VoidCrypt clones.

Hip1 will encrypt the system it is deployed on and leave most files on it in an unusable state. Encrypted files receive a complex, multi-part extension, as is the case with other VoidCrypt clones.

Encrypted files will get a new extension consisting of the victim's ID, the contact email used by the ransomware operator and the ".HIP1" string. This will transform a file named "photograph.jpg" into "photograph.jpg[ID=alphanumeric string-Mail=FreedomTeam@mail.ee].HIP1" once it has been encrypted.

The ransomware will scramble most documents, archive files, databases and media files.

The ransom note is deposited inside a file named "Read_Me!_.txt" and goes as follows:

All Your Files Encrypted And Sensitive Data Downloaded (Financial Documents,Contracts,Invoices etc.. ).

To Get Decryption Tools You Should Buy Our Decrption Tools And Then We Will Send You Decryption Tools And Delete Your Sensitive Data From Our Servers.

If Payment Is Not Made We have to Publish Your Sensitive Data If Necessary Sell Them And Send Them To Your Competitors And After A While Our Servers Will Remove Your Decrypion Keys From Servers.

Your Files Encrypted With Strongest Encryption Algorithm So Without Our Decryption Tools Nobody Can't Help You So Do Not Waste Your Time In Vain!

Your ID:  -

Email Address: FreedomTeam at mail dot ee

In Case Of Problem With First Email Write Us E-mail At : Freedom29 at Tutanota dot com

Send Your ID In Email And Check Spam Folder.

This Is Just Business To Get Benefits, If Do Not Contact Us After 48 Hours Decryption Price Will x2.

What Guarantee Do We Give You ?

You Should Send Some Encrypted Files To Us For Decryption Test.

----------------------------------------------------------------------

Attention!

Do Not Edit Or Rename Encrypted Files.

Do Not Try To Decrypt Files By Third-Party Or Data Recovery Softwares It May Damage Files.

In Case Of Trying To Decrypt Files With Third-Party Sofwares,This May Make The Decryption Harder So Prices Will Be Rise.

----------------------------------------------------------------------

How To Buy Bitcoin :

Buy Bitcoin Instructions At LocalBitcoins :

hxxps://localbitcoins.com/guides/how-to-buy-bitcoins

Buy Bitcoin Instructions At Coindesk And Get More Info By Searching At Google :

hxxps://www.coindesk.com/learn/how-can-i-buy-bitcoin/

By Zaib
September 1, 2022
Ransomware
English
September 1, 2022
Ransomware

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

5 years ago

What is the OperaGXSetup.exe File and is it Malicious?

11 months ago

Eporner.com And Why Its Excessive Pop-Ups Are Risky

11 days ago

HackTool:Win32/Crack: a Malicious Threat That Can Seriously...

7 months ago

Take Note: Someone Added You As Their Recovery Email Scam

10 months ago

A Potentially Serious Threat: Trojan:Win32/Suschil!rfn

18 days ago

Related Posts

Ransomware

Z61yt Ransomware Uses Complex Extensions

There is a new strain of file-encrypting malware in the wild, called the Z61yt ransomware. The new variant belongs to the family of Hive ransomware clones. The ransomware encrypts most popular file types it encounters... Read more

June 10, 2022
Ransomware

Snick Ransomware Encrypts Several Files

Snick Ransomware is a dangerous malware threat that comes from the Makop family of malware threats. The actions of Snick Ransomware start with seeking out certain files, encrypting them, and then appending the .snick... Read more

March 3, 2022
Ransomware

How to Remove Horsemagyar Ransomware

Horsemagyar is the unusual name of a newly discovered strain of file-encrypting malware. There is no indication that the ransomware belongs to any of the major groups or families of ransomware. Horsemagyar would... Read more

May 23, 2022
English
Loading...

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2025 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.