Dark Web Hacker Ransomware
The Dark Web Hacker ransomware is a new strain of file-encrypting malware. The new malware is based on the Chaos ransomware codebase and belongs to the broader Chaos variants family.
The ransomware encrypts files, leaving system-essential files intact but scrambling documents, archives, media files and databases on the target system. Once encrypted, the files receive a new extension that consists of four random alphanumeric characters.
This means that a file originally named "document.docx" may transform into something similar to "document.docx.kly9" once it has been encrypted.
The ransom demand is dropped in a text file named "read_it.txt". Additionally, the Windows wallpaper is changed too, with a message informing the victim their files are encrypted. The criminals expect victims to send them $3000 worth of Bitcoin. Of course, negotiating with criminals or sending them money is never a good idea.
The full text of the ransom note goes as follows:
'Oops !
Dark Web hacker here ;p
The bad news is ..
All of your important files have been encrypted !
to get them back you must deposit 3000$ in Bitcoin
on the following address : [alphanumeric string]
or you can never recover your data again.
The only solution :
-------------------------
is to buy our secret software which will be deliver to your inbox
for unlocking your system automatically .
Then, after payment ..
send a mail asking us to deliver our software : anonymoux at dnmx dot org'