What is Industrial Spy Market Ransomware?

Industrial Spy Mark Ransomware is the name given to a new strain of file-encrypting malware. There is no hard evidence that the new strain belongs to any of the big ransomware families.

Unlike the majority of popular ransomware types, Industrial Spy Market ransomware does not alter the names of files once it encrypts them. Both the name of the affected file and its extension remain intact, with no new extension added, making it virtually impossible to determine which files are encrypted unless you try opening them.

The ransomware threatens to steal data allegedly exfiltrated from the victim system and publish it on the dark web unless the victim pays up. Of course, victims can never be sure that they will receive a working decryption tool even if they do decide to play along and pay the ransom.

There is no fixed ransom demand in the note dropped by the ransomware. The file used for the note is named "readme.html" and is dropped on the desktop after encryption.

The full text of the ransom note goes as follows:

Greetings!

Unfortunately we have to report you that your company was compromised. All your files were encrypted and you can't restore them without our private key. Trying to restore it without our help may cause complete loss of your data.

Also we researched whole your corporate network and downloaded all your sensitive data to our servers. If we will not get any contact from you in 3 next days we will publish your data on the site "Industrial Spy Market"

You can find it there (hxxp://spyarea23ttlty6qav3ecmbclpqym3p32lksanoypvrqm6j5onstsjad.onion)

Tr Browser is needed (hxxps://www.torproject.org/download/)

Also we respect your work and time and we are open fr communication. In that case we are ready to discuss recovering your files and work. We can grant absolute privacy and compliance with agreements by our side. Also we can provide all necessary evidence to confirm performance of our products and statements.

Feel free to contact us with quTox (hxxps://tox.chat/download.html)

Our ToxID: [alphanumeric string]

Alternative method is email:inbox at supports24 dot net

Mark your messages - your personal ID:

By Zaib
May 23, 2022
Ransomware
English
May 23, 2022
Ransomware

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

5 years ago

What is the OperaGXSetup.exe File and is it Malicious?

11 months ago

Eporner.com And Why Its Excessive Pop-Ups Are Risky

11 days ago

HackTool:Win32/Crack: a Malicious Threat That Can Seriously...

7 months ago

Take Note: Someone Added You As Their Recovery Email Scam

10 months ago

A Potentially Serious Threat: Trojan:Win32/Suschil!rfn

18 days ago

Related Posts

Ransomware

Snick Ransomware Encrypts Several Files

Snick Ransomware is a dangerous malware threat that comes from the Makop family of malware threats. The actions of Snick Ransomware start with seeking out certain files, encrypting them, and then appending the .snick... Read more

March 3, 2022
Ransomware

Cryptbit Ransomware

Cryptbit ransomware is a strain of file-encrypting malware that scrambles the data inside files on the targeted system, rendering them unreadable. Once Cryptbit is deployed on a system, it will start encrypting files... Read more

May 20, 2022
Ransomware

OnlyFans Ransomware Pretends to Encrypt Files

The OnlyFans Ransomware is a piece of malware that pretends to be a fully-fledged file-encryption Trojan that possesses the ability to encrypt the files of its victims. However, the criminals also pretend to be part... Read more

April 15, 2022
English
Loading...

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2025 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.