CatB Ransomware Targets Big Game

ransomware

CatB is a ransomware-type program that encrypts data and demands payment for the decryption. It does not alter filenames, and inserts ransom notes at the beginning of each encrypted file. The notes state that RSA-2048 cryptographic algorithm was used to encrypt the files, and the ransom size depends on how quickly it is paid - 50 BTC (Bitcoin cryptocurrency) on the first day, or 130 BTC on the fourth day. These sums are worth approximately 800 thousand USD and 2 million USD respectively. Victims can test decryption by sending up to three encrypted files to the attackers, but using third-party recovery software may render the data undecryptable.

Exorbitant sums are usually requested when ransomware is leveraged against companies or other large entities with more resources to pay them. However, despite paying - victims often do not receive the promised decryption keys/software, so we advise against meeting these demands as there are no guarantees that you will receive what you need. Removing CatB from your system will prevent it from encrypting more files, but it won't restore already compromised data - only a backup can do that. Therefore, always keep backups in multiple different locations (e.g., remote servers , unplugged storage devices, etc.) to ensure your data safety.

To further protect yourself from ransomware attacks, it is important to keep your operating system and software up-to-date with the latest security patches. Additionally, you should use a reliable anti-malware program that can detect and remove malicious threats before they can cause any damage. It is also recommended to avoid clicking on suspicious links or downloading files from untrusted sources. Finally, be sure to create regular backups of your important data and store them in a secure location.

The ransom note used by CatB reads as follows:

??? What happend???

!!! Your files are encrypted !!!

*All your files are protected by strong encryption with RSA-2048.*

*There is no public decryption software.*

###### Program and private key, What is the price? The price depends on how fast you can pay to us.######

1 day : 50 Bitcoin

2 day : 60 Bitcoin

3 day : 90 Bitcoin

4 day : 130 Bitcoin

5 day : permanent data loss !!!!

Btc Address: bc1qakuel0s4nyge9rxjylsqdxnn9nvyhc2z6k27gz

!!! After received, we will send program and private key to your IT department right now.!!!

*Free decryption As a guarantee, you can send us up to 3 free decrypted files before payment.*

email: catB9991@protonmail.com

!!! Do not attempt to decrypt your data using third-party software, this may result in permanent data loss.!!!

By Zaib
January 6, 2023
Ransomware
English
January 6, 2023
Ransomware

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

5 years ago

What is the OperaGXSetup.exe File and is it Malicious?

11 months ago

Eporner.com And Why Its Excessive Pop-Ups Are Risky

11 days ago

HackTool:Win32/Crack: a Malicious Threat That Can Seriously...

7 months ago

Take Note: Someone Added You As Their Recovery Email Scam

10 months ago

A Potentially Serious Threat: Trojan:Win32/Suschil!rfn

18 days ago

Related Posts

Ransomware

RURansom Ransomware Targets Russian Users

Ukrainian cyber activists appear to have a released a file-encryption Trojan called RURansom Ransomware. According to the ransom message it uses, the malware was created in response to Russia's invasion of Ukraine.... Read more

March 11, 2022
Ransomware

N3TW0RM Ransomware Targets Israeli Businesses

A new ransomware family is being used to carry attacks against vulnerable systems. The threat, dubbed N3TW0RM Ransomware, has so far been used exclusively against Israel-based companies and users. The malicious... Read more

May 4, 2021
Ransomware

Somnia Ransomware Used against Ukrainian Targets

Ukrainian CERT warned of a new family of ransomware deployed by Russian threat actors and used to target entities located in Ukraine. The new ransomware family is called Somnia and experts believe it is linked with a... Read more

November 15, 2022
English
Loading...

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2025 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.