Gazp Ransomware Locks Victim Systems
Gazp, a form of ransomware that belongs to the Djvu family, is known for encrypting data and appending the ".gazp" extension to file names. In addition, it also generates a "_readme.txt" file containing instructions on how to contact the criminals and make ransom payments.
This type of ransomware is often distributed along with malicious software like RedLine or Vidar. Our team came across Gazp during our research of malware samples sent to VirusTotal. As an example, it changes "1.jpg" to "1.jpg.gazp" and "2.png" to "2.png.gazp".
The ransom note left by the attackers specifies that a decryption program and a unique key should be purchased to recover the encrypted files. Victims are offered a discounted price of $490 if they contact the attackers within 72 hours, or else they will be asked to pay the full amount of $980.
The note provides two email addresses, support@freshmail.top and datarestorehelp@airmail.cc, that can be used to get in touch with the criminals and take further steps to make the payment.
Gazp Ransom Note Asks for $490 in Ransom Payment
The full text of the Gazp ransom note reads as follows:
ATTENTION!
Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
hxxps://we.tl/t-ZyZya4Vb8D
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.To get this software you need write on our e-mail:
support@freshmail.topReserve e-mail address to contact us:
datarestorehelp@airmail.ccYour personal ID:
How Can You Protect Your Data from Ransomware?
Data backups are an essential tool to protect yourself from ransomware threats. Backups should be done regularly, with a copy of the data stored on a separate device or in the cloud. Additionally, any important documents should be backed up using a cloud-based service such as Dropbox, Google Drive, or OneDrive. This way, if your computer is infected with ransomware, you can restore your data from the backup.
Another important step in protecting your data is to ensure that all of your software is kept up-to-date. Software developers often release updates with security patches to protect against emerging threats like ransomware, so it’s important to make sure you’re running the latest version of any programs or applications you use.
Make sure to also enable a strong firewall on your computer or network. Firewalls can help to block malicious traffic from entering the system, and can be used to monitor for suspicious activity. Additionally, anti-virus software should be installed and regularly updated in order to protect against any malicious files that may have been downloaded inadvertently.
