Ewdf Ransomware
A new ransomware variant has been spotted in the wild. The new malicious tool is called the Ewdf ransomware, named after the file extension it appends to encrypted files. Ewdf is the latest ransomware variant to join the near-infinite lineup of Djvu ransomware clones.
Once deployed on a victim system, Ewdf encrypts files in most media, archive, document and database formats. Encrypted files receive the ".ewdf" extension, appended after their original one.
The ransomware drops its ransom note in a plain text file named "_readme.txt". The contents of the ransom note are the same as the last few dozen Djvu clones we have covered. The hackers initially ask for $490 in ransom, raising this to $980 if the ransom is not paid within 72 hours.
The full text of the ransom note is as follows:
ATTENTION!
Don't worry, you can return all your files!
All your files like photos, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
hxxps://we.tl/t-WbgTMF1Jmw
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.
To get this software you need write on our e-mail:
restorealldata at firemail dot cc
Reserve e-mail address to contact us:
gorentos at bitmessage dot ch
Our Telegram account:
@datarestore
Your personal ID:
Naturally, there is no way to know if you would ever receive a working decryption tool even if you pay the ransom, so it's best to use an offline backup to recover your files.
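To scope the damage before restoring from backup, the following added example (not part of the original article) walks a directory tree, pairs each file carrying the appended ".ewdf" extension with its original name, and records the folders where a "_readme.txt" note was dropped. The function names and the sample tree are constructed for illustration.

```python
import os
import tempfile
from collections import Counter
from pathlib import Path

ENCRYPTED_SUFFIX = ".ewdf"   # extension named in the article
NOTE_NAME = "_readme.txt"    # ransom note file name named in the article


def scope_damage(root):
    """Walk root and return (restore_list, note_dirs, by_type).

    restore_list: (encrypted_path, original_path) pairs to pull from backup
    note_dirs:    directories that contain a ransom note
    by_type:      Counter of original extensions that were hit
    """
    restore_list, note_dirs, by_type = [], [], Counter()
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            lower = name.lower()
            if lower == NOTE_NAME:
                note_dirs.append(Path(dirpath))
            elif lower.endswith(ENCRYPTED_SUFFIX) and len(name) > len(ENCRYPTED_SUFFIX):
                # The extension is appended after the original one,
                # so stripping it recovers the original file name.
                original = name[: -len(ENCRYPTED_SUFFIX)]
                restore_list.append((Path(dirpath, name), Path(dirpath, original)))
                by_type[Path(original).suffix.lower() or "(none)"] += 1
    return sorted(restore_list), sorted(note_dirs), by_type


def build_sample_tree(root):
    """Constructed sample data: empty files laid out like an affected folder."""
    for rel in ("docs/report.docx.ewdf", "docs/_readme.txt",
                "pics/cat.jpg.ewdf", "pics/dog.JPG.EWDF", "pics/ok.png"):
        path = Path(root, rel)
        path.parent.mkdir(parents=True, exist_ok=True)
        path.touch()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        restore, notes, by_type = scope_damage(tmp)
        for enc, orig in restore:
            print(f"restore {orig} (encrypted copy: {enc})")
        print("ransom notes in:", [str(d) for d in notes])
        print("affected types:", dict(by_type))
```

A "_readme.txt" file on its own is a common, legitimate file name, so count a folder as affected only when ".ewdf" files are also present.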