Google Ransomware Has Nothing to Do With Google
Our analysis of malware samples submitted to online threat databases has revealed a new type of ransomware called Google. This ransomware is part of the Chaos ransomware family and its main objective is to encrypt files. Google ransomware also drops a ransom note called "read_it.txt" after encrypting files.
To modify file names, Google ransomware adds the extension ".google" to the end of the original file extension. For instance, if a file is named "1.jpg", Google ransomware renames it to "1.jpg.google". It is worth noting that this ransomware is not related to the Google company.
The ransom note left by the attackers informs victims that their computer has been infected with ransomware and that all of their files have been encrypted. To recover their files, victims are instructed to purchase specialized decryption software for $24,622.70, which can only be paid in Bitcoin.
The ransom note suggests that if the payment is not made, victims will permanently lose access to their encrypted files. A Bitcoin address is provided in the note for victims to make the payment.
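The two indicators described above, the ".google" suffix appended to file names and the "read_it.txt" note, can be used to scope which directories on a host or file share were hit. The following Python is an added example, not code from the original article; the function names, the verdict labels, and the choice to confirm a note by the opening line of the note text quoted on this page are assumptions.

```python
import os
import sys

NOTE_NAME = "read_it.txt"    # ransom note file name reported on this page
APPENDED_EXT = ".google"     # suffix appended after the original extension
NOTE_MARKER = b"all of your files have been encrypted"  # note's opening line

def original_name(name):
    """Return the pre-rename name for '<file>.google' (1.jpg.google -> 1.jpg), else None."""
    if name.lower().endswith(APPENDED_EXT) and len(name) > len(APPENDED_EXT):
        return name[: -len(APPENDED_EXT)]
    return None

def note_matches(path, limit=4096):
    """True if a read_it.txt candidate starts like the note quoted on this page."""
    try:
        with open(path, "rb") as fh:
            head = fh.read(limit).replace(b"\x00", b"")  # tolerate UTF-16 text
    except OSError:
        return False  # unreadable file: cannot confirm, do not count it
    return NOTE_MARKER in head.lower()

def scan(root):
    """Map each affected directory to its renamed files and whether a matching note exists."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root, followlinks=False):
        renamed = sorted(f for f in files if original_name(f))
        note = any(f.lower() == NOTE_NAME and note_matches(os.path.join(dirpath, f))
                   for f in files)
        if renamed or note:
            findings[dirpath] = {"renamed": renamed, "note": note}
    return findings

def verdict(entry):
    """Both indicators together are strong evidence; one alone needs a human look."""
    return "likely-encrypted" if entry["renamed"] and entry["note"] else "review"

if __name__ == "__main__":
    for directory, entry in sorted(scan(sys.argv[1] if len(sys.argv) > 1 else ".").items()):
        print(f"{verdict(entry):17} {len(entry['renamed']):5} renamed  {directory}")
```

A benign file that merely happens to be named read_it.txt is not counted, because the note is confirmed by content rather than by name alone.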
Google Ransomware Demands in Full Copy Usual Chaos Template
The complete ransom note generated by the Google Ransomware reads as follows:
All of your files have been encrypted
Your computer was infected with a ransomware virus. Your files have been encrypted and you won't be able to decrypt them without our help.
What can I do to get my files back?
You can buy our special decryption software, this software will allow you to recover all of your data and remove the ransomware from your computer.
The price for the software is $24,622.70. Payment can be made in Bitcoin only.
How do I pay, where do I get Bitcoin?
Purchasing Bitcoin varies from country to country, you are best advised to do a quick google search
yourself to find out how to buy Bitcoin.
Many of our customers have reported these sites to be fast and reliable:
Coinmama - hxxps://www.coinmama.com
Bitpanda - hxxps://www.bitpanda.com
Payment information
Amount: 2.1473766 BTC
Bitcoin Address: 17CqMQFeuB3NTzJ2X28tfRmWaPyPQgvoHV
How Can You Protect Your System From Ransomware Strains Similar to the Google Ransomware?
To protect your system from ransomware strains similar to the Google ransomware, you should take the following steps:
- Keep your operating system and all software up to date with the latest security patches.
- Use a reputable anti-virus/anti-malware program and keep it updated.
- Be cautious when opening email attachments, especially if they are from unknown senders.
- Regularly back up your files to an external hard drive or cloud-based storage system.
- Use strong and unique passwords for all accounts, and enable two-factor authentication whenever possible.
- Disable macros in Microsoft Office documents unless you absolutely need to use them.
- Avoid downloading and installing software from untrusted sources.
- Educate yourself and your employees about how to recognize and avoid phishing emails and other social engineering attacks.
- Consider using endpoint detection and response (EDR) software to detect and respond to potential ransomware attacks.
- Implement access controls and restrict user privileges to minimize the impact of any successful ransomware attack.