Iowd Ransomware Joins Djvu Family
A recent analysis of malware samples revealed a new variant of the Djvu ransomware family, which researchers have named Iowd. The primary objective of Iowd is to encrypt files on an infected system and append the ".iowd" extension to their filenames. The ransomware also generates a ransom note called "_readme.txt," which contains instructions on how to pay the ransom to obtain the decryption key.
The ransomware may be distributed alongside other information stealers such as RedLine or Vidar, making the threat even more severe. To provide an example of how Iowd renames files, it changes the filename "1.jpg" to "1.jpg.iowd" and "2.png" to "2.png.iowd."
The ransom note warns that the decryption of files is only possible using a decryption tool and a unique key that the attackers hold. The note also includes partial payment details and two email addresses (support at freshmail.top and datarestorehelp at airmail.cc) for contacting the attackers.
It is worth noting that the decryption tools are only available for purchase, and the price is $980. However, if the victims contact the attackers within 72 hours of the encryption, they can acquire the decryption tools at a discounted price of $490.
The Iowd Ransom Note Copies Usual Djvu Template
The complete text of the Iowd ransom note reads as follows:
ATTENTION!
Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
hxxps://we.tl/t-vdhH9Qcpjj
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.To get this software you need write on our e-mail:
support@freshmail.topReserve e-mail address to contact us:
datarestorehelp@airmail.ccYour personal ID:
How Can You Protect Your Data from Ransomware Attacks Similar to Iowd?
There are several measures you can take to protect your data from ransomware attacks similar to Iowd:
- Keep your software up to date: Ransomware often exploits vulnerabilities in software to gain access to a system. Regularly updating software helps patch those vulnerabilities, reducing the risk of an attack.
- Use anti-malware software: Anti-malware software can help detect and block ransomware before it can infect your system.
- Backup your data: Regularly backing up your data can help you restore your files if they are encrypted by ransomware. Ensure that your backups are stored separately from your system and network to prevent them from being encrypted as well.
- Be cautious of suspicious emails and links: Ransomware can be distributed through phishing emails and malicious links. Always be cautious of emails and links from unknown sources and avoid clicking on suspicious links or downloading attachments from them.
- Use strong passwords: Strong passwords can make it harder for attackers to gain access to your system, network, and data. Consider using a password manager to create and store strong, unique passwords for all your accounts.
- Educate yourself and your employees: Educate yourself and your employees on the risks of ransomware and how to avoid it. Make sure that everyone knows what to do in case of an attack, such as disconnecting from the network and contacting IT support immediately.
