ExilenceTG Ransomware is a New Key Group Variant
While analyzing malware samples, a new type of ransomware was discovered and named ExilenceTG by the researchers. The new variant is an offshoot of the Key Group ransomware.
ExilenceTG encrypts files and adds the extension ".exilenceTG" to the original file names. Additionally, it generates a text file named "cyber.txt". For instance, if a file named "1.jpg" is encrypted, it will be renamed to "1.jpg.exilenceTG". The ransom note claims that the victim's system has been locked and their crucial data has been encrypted. However, it also ensures that the files are secure.
To recover the encrypted files, the victim must contact the attacker via the email address (email@example.com) or Telegram username (@exilenceTG) provided in the note. The ransom note also lists several email addresses for Telegram support, including firstname.lastname@example.org, email@example.com, firstname.lastname@example.org, email@example.com, firstname.lastname@example.org, email@example.com, stopCA@telegram.org, and firstname.lastname@example.org.
ExilenceTG Uses Telegram for Contact
The complete ransom note used by ExilenceTG reads as follows:
YOUR SYSTEM IS LOCKED AND ALL YOUR IMPORTANT DATA HAS BEEN ENCRYPTED.
DON'T WORRY YOUR FILES ARE SAFE.
To return them, write to telegram: @exilenceTG Email/ email@example.com
greetings from keygroup777
your files were encrypted with military algorithms:)
our allies and friends:
employees of our program/company:
How Can You Protect Your Home Computer from Ransomware Like ExilenceTG?
Ransomware attacks like ExilenceTG can be devastating to individuals and businesses alike. Here are some steps you can take to protect your home computer from ransomware:
Keep your software up to date: Make sure to regularly update your operating system, web browser, and other software applications to the latest versions to ensure that known vulnerabilities are patched.
Install anti-virus software: A reputable anti-virus program can detect and block many types of ransomware before they can infect your computer.
Backup your data: Regularly backup your important data to an external hard drive or cloud storage service, so that you can restore your data in case of a ransomware attack.
Use caution when clicking links and downloading attachments: Do not open email attachments or click on links from unknown sources, especially those with a .zip, .exe, or .js extension. Verify the legitimacy of the sender before opening attachments or clicking on links.
Enable two-factor authentication: Two-factor authentication can add an extra layer of security to your online accounts, making it more difficult for attackers to gain access to your personal information.