Blaze Ransomware is a New Babuk Variant

Blaze Ransomware is a new file-locker variant that is being spread online with the use of fake email attachments. The criminals propagating this malware might use phishing messages to try and convince potential victims to download and run a malicious file. The payload may often be concealed as a document, image or archive. When the Blaze Ransomware runs for the first time, it will immediately get to work in the background. The malware needs just a few minutes to complete the attack, and encrypt the majority of the victim's files.

We consider Blaze Ransomware to be a part of the BabukLocker Ransomware family. After it encrypts and renames the files, it drops the ransom note 'How To Decrypt.txt.' It explains the attack to the victims and warns them that they will cause inevitable damage to their files if they try to use alternative data recovery methods. The advice of the criminals is to purchase a decryption service by messaging them at blazesupp@protonmail.com or by using the TOR-based Tox chat.

You can rest assured that trying to buy a decryption tool from anonymous cybercriminals is a terrible idea – do not accept this offer. Even if you meet their demands, they could easily scam you out of your money. Victims of the Blaze Ransomware should ignore the offer of the criminals, and use legitimate tools to try and fix the situation. The first step towards recovery is to run an up-to-date anti-virus tool, ensuring the malware's removal. After this, victims should explore alternative data recovery methods and options.

By Ruik
March 17, 2022
Ransomware
English
March 17, 2022
Ransomware

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

5 years ago

What is the OperaGXSetup.exe File and is it Malicious?

11 months ago

Eporner.com And Why Its Excessive Pop-Ups Are Risky

11 days ago

HackTool:Win32/Crack: a Malicious Threat That Can Seriously...

7 months ago

Take Note: Someone Added You As Their Recovery Email Scam

10 months ago

A Potentially Serious Threat: Trojan:Win32/Suschil!rfn

18 days ago

Related Posts

Ransomware

Paradise Ransomware Resurfaces with the Iskaluz Ransomware Variant

Ransomware attacks almost always have devastating consequences for their victims. The best way to make sure that you will not be the next user targeted by such an attack is to invest in a reputable antivirus tool that... Read more

February 11, 2022
Ransomware

Remove Ljubi Ransomware

Falling victim to the Ljubi Ransomware can have devastating consequences for your files. The purpose of this type of malware is to prevent victims from viewing and accessing their important data – documents, images,... Read more

February 11, 2022
Ransomware

Remove GpCODE Ransomware, a Decryptable Xorist Variant

GpCODE Ransomware is a file-locker, which could cause massive issues if it gets to your computer. The purpose of this malware is to lock you out of your files, ensuring that you are unable to access important... Read more

February 9, 2022
English
Loading...

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2025 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.