What is Hvzgbo Ransomware?
Hvzgbo is a ransomware threat belonging to the Snatch family. It encrypts files and appends ".hvzgbo" extensions to filenames, as well as drops a ransom note named "HOW TO RESTORE YOUR FILES.TXT". This malicious software was discovered by malware researchers while analyzing samples submitted on VirusTotal.
Table of Contents
What does Hvzgbo Ransomware do to your computer?
Hvzgbo Ransomware changes the names of encrypted files and adds ".hvzgbo" at the end of each filename. For example, it renames "1.jpg" to "1.jpg.hvzgbo", "2.png" to "2.png.hvzgbo", and so forth . The ransom note states that cybercriminals have downloaded more than 250 GB data from infected computers which includes confidential documents, databases, backups, personal data and mailboxes. It asks victims not to try any third-party tools or decrypting themselves in order restore their files since these will damage them permanently instead of recovering them back safely.
The ransom note contains Tox chat ID , an email address i.e. restore_help@swisscows.email and datasto100@tutanota.com, which are used by cybercriminals to contact the victims . It also warns that if they aren’t contacted within three days, their files will be published publicly as well as on Dark Web sites known for its malicious activities.
Should You Pay The Hvzgbo Ransom?
Paying the ransom is not recommended, as there’s no surety of getting the files back safely and securely. The only way to decrypt files without paying a ransom is with the help of a third-party decryptor tool (if available) or by restoring them from a backup of your system.
How To Remove Hvzgbo Ransomware
Removal of Hvzgbo Ransomware can be successfully done by using an updated and trusted antimalware program, which may automatically find and delete all components or files associated with Hvzgbo. After the removal of Hvzgbo Ransomware, the computer user may then restore any left-over encrypted files from a backup of their computer.
