POLINA Ransomware Lists No Ransom Demand
POLINA ransomware is a newly discovered strain of file-encrypting malware. The ransomware was first spotted in July 2022 and it does not seem to share code or belong to any of the big ransomware families.
Once deployed on a targeted system, the POLINA ransomware will encrypt most files, including media, document, archive and database file types. Once encrypted, files receive the ".POLINA" extension, which also gives the ransomware its name. This means that a file that was previously called "document.txt" will turn into "document.txt.POLINA" once encrypted fully.
The ransom note makes no mention of the specific amount of ransom expected by the criminals, as they probably determine the ransom on a case-by-case basis. The full text of the note is as follows:
All of your files have been ENCRYPTED with POLINA RANSOMWARE
Your computer was infected with a ransomware. Your files have been encrypted and you won't
be able to decrypt them without our help.
What can I do to get my files back?
You can buy our special decryption software, this software will allow you to recover all of your data and remove the
ransomware from your computer.
Email our team at: myfilesrecovery at proton dot me OR TELEGRAM: hxxps://t.me/filesrecovery
Don't worry, you can return all your files!