Azhi Ransomware Encrypts Victim Systems

While examining malware samples, we encountered the Azhi ransomware, which belongs to the Djvu malware family. Once it infiltrates a computer, this malicious software encrypts files and appends the ".azhi" extension to their filenames. For instance, it renames "1.jpg" to "1.jpg.azhi" and "2.png" to "2.png.azhi".

Azhi also generates a ransom note, which is a text document named "_readme.txt". Furthermore, the distribution of Azhi may involve other types of malware explicitly crafted for stealing data, such as Vidar or RedLine.

The note makes it clear that all files, including images, databases, documents, and essential data, have been encrypted using a robust and unique encryption method. It instructs victims to purchase a decryption tool and a key to regain access to their files.

The cost of obtaining the private key and decryption software is $980, but victims can receive a 50% discount if they contact the cybercriminals responsible for the attack within 72 hours, reducing the cost to $490. The note strongly emphasizes that data recovery will only be possible upon payment.

It provides two email addresses for contacting the attackers: support@freshmail.top and datarestorehelp@airmail.cc.
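
A triage sketch built on the indicators described above, added here as an example and not part of the original article: it walks a directory tree, counts files renamed with the ".azhi" extension per directory, and flags a "_readme.txt" only when it contains one of the two contact addresses, so unrelated readme files are not reported. The function names and the sample tree are constructed for illustration.

```python
import os
import tempfile
from collections import Counter

# Indicators as stated in the article above
ENCRYPTED_SUFFIX = ".azhi"
NOTE_NAME = "_readme.txt"
NOTE_MARKERS = ("support@freshmail.top", "datarestorehelp@airmail.cc")

def is_azhi_note(path):
    """A _readme.txt counts only if it carries a contact address from the note."""
    try:
        with open(path, encoding="utf-8", errors="replace") as fh:
            text = fh.read(65536).lower()
    except OSError:
        return False
    return any(marker in text for marker in NOTE_MARKERS)

def scan(root):
    """Walk root; return per-directory counts of renamed files and note paths."""
    encrypted, types, notes = Counter(), Counter(), []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            lower = name.lower()
            if lower.endswith(ENCRYPTED_SUFFIX) and len(lower) > len(ENCRYPTED_SUFFIX):
                encrypted[dirpath] += 1
                # "1.jpg.azhi" -> ".jpg": records which file types were hit
                original = lower[: -len(ENCRYPTED_SUFFIX)]
                types[os.path.splitext(original)[1]] += 1
            elif lower == NOTE_NAME and is_azhi_note(os.path.join(dirpath, name)):
                notes.append(os.path.join(dirpath, name))
    return {"encrypted": encrypted, "types": types, "notes": sorted(notes)}

def build_sample(root):
    """Constructed sample tree (placeholder files, no real data)."""
    files = {"pics/1.jpg.azhi": "", "pics/2.png.azhi": "", "pics/3.jpg": "",
             "pics/_readme.txt": "ATTENTION!\nsupport@freshmail.top\n",
             "tool/_readme.txt": "Build notes for an unrelated project.\n",
             "tool/notes.azhi.txt": ""}
    for rel, body in files.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(body)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        print(scan(tmp))
```

Run against a mounted backup or a copy of the affected volume, the per-directory counts show which folders to restore first.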

Azhi Ransom Note Demands Initial Payment of $490

The full text of the Azhi ransom note reads as follows:

ATTENTION!

Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
hxxps://we.tl/t-e5pgPH03fe
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.

To get this software you need write on our e-mail:
support@freshmail.top

Reserve e-mail address to contact us:
datarestorehelp@airmail.cc

Your personal ID:

How Can You Safeguard Your Data Against Ransomware Threats?

Protecting your data against ransomware threats is crucial in today's digital landscape. Here are several measures you can take to safeguard your data:

Regularly Back Up Your Data:
Perform regular backups of your important files and data. Ensure these backups are stored offline or on a separate network that is not directly accessible from your main system. This prevents ransomware from encrypting your backups.

Use Reliable Antivirus and Antimalware Software:
Install and maintain reputable antivirus and antimalware software on your devices. Keep these programs updated to ensure they can detect and block new threats.

Enable Firewall Protection:
Activate firewalls on your network and individual devices. Firewalls can help block unauthorized access and suspicious network traffic.

Update Software and Operating Systems:
Keep your operating system, software applications, and plugins up to date. Software updates often include security patches that protect against vulnerabilities that ransomware can exploit.

Use Strong, Unique Passwords:
Create strong, complex passwords for your accounts and avoid using the same password across multiple services. Consider using a password manager to securely store and manage your passwords.

Implement Two-Factor Authentication (2FA):
Enable 2FA wherever possible. This adds an extra layer of security by requiring a second form of verification, such as a one-time code sent to your mobile device, in addition to your password.

September 26, 2023