BitenC Ransomware is a New Mallox Clone
BitenC is a type of ransomware that encrypts data and demands payment for the decryption tools. After executing a sample of BitenC, it appended filenames with a ".bitenc" extension. The new variant is part of the Mallox family of clones.
A message demanding ransom was dropped onto the desktop informing victims that their files have been encrypted and warning them against attempting to manually decrypt them. The file containing the ransom note is called "FILE RECOVERY.txt" and is placed on the system desktop. The message inside the file also instructs victims to contact the attackers in order to restore their files and offers a free decryption test on a single file.
The note also lists the cyber criminals' blog that allegedly contains uploaded data that was stolen from previously targeted companies, suggesting that BitenC ransomware targets large entities rather than home users.
As such, it is important for large entities to be aware of this ransomware variant and take steps to protect their networks from becoming the next victim of its malicious activities.
Table of Contents
The BitenC ransomware full ransom note
The complete contents of the "FILE RECOVERY.txt" ransom note go as follows:
Hello
Your files are encrypted and can not be used
To return your files in work condition you need decryption tool
Follow the instructions to decrypt all your dataDo not try to change or restore files yourself, this will break them
If you want, on our site you can decrypt one file for free. Free test decryption allowed only for not valuable file with size less than 3MBHow to get decryption tool:
1) Download and install TOR browser by this link: hxxps://www.torproject.org/download/
2) If TOR blocked in your country and you can't access to the link then use any VPN software
3) Run TOR browser and open the site: -
4) Copy your private ID in the input field. Your Private key: -
5) You will see payment information and we can make free test decryption hereOur blog of leaked companies:
What is double extortion in ransomware attacks, similar to the type used by the BitenC ransomware?
Double extortion is a type of ransomware attack that not only encrypts data but also threatens to publish the stolen data if the ransom is not paid. This type of attack has become increasingly popular among cybercriminals as it increases their chances of receiving payment.
The BitenC ransomware is known to use double extortion tactics, meaning that it will both encrypt files and threaten to publish stolen data if the ransom is not paid. Victims are usually presented with a deadline for payment and warned that failure to pay within this time frame will result in the stolen data being published online. It is important for organizations to be aware of this type of attack and take steps to protect themselves from becoming victims.
How can you protect your files from ransomware attacks similar to the BitenC ransomware?
There are several advisable steps to protect files from ransomware attacks similar to the BitenC ransomware. First, it is important to ensure that all software and operating systems are kept up-to-date with the latest security patches. This will help reduce the risk of vulnerabilities being exploited by malicious actors.
Additionally, users should back up their data regularly and store backups in an offline location such as a USB drive or external hard drive. This will allow users to restore their data if they become victims of a ransomware attack. It is also important to use strong passwords and two-factor authentication whenever possible, as this will make it more difficult for attackers to gain access to user accounts. Finally, users should be aware of phishing emails and other suspicious activity online, as these can be used by attackers to deliver ransomware payloads.
