Kizu Ransomware is a Djvu Variant Pilfering Files

Kizu represents a variant of ransomware that performs encryption of files and appends the ".kizu" extension to all files it affects. In addition to this, it generates a ransom note entitled "_readme.txt," containing instructions for contact and payment to the victim.

Belonging to the Djvu ransomware family, Kizu can be distributed alongside other malicious software like RedLine, Vidar, or similar information stealers. Kizu alters filenames, transforming "1.jpg" into "1.jpg.kizu," "2.png" into "2.png.kizu," and so on.

The ransom note explicitly informs the victim that their files have been encrypted and can be restored through the acquisition of decryption software and a unique key. To obtain these decryption tools, the initial price is $490, increasing to $980 if the attacker is not contacted within 72 hours.

The note underscores the necessity of payment for file restoration. Despite this, the attacker offers to decrypt a single file. To reach the threat actor, victims can use the provided email addresses: support@freshmail.top and datarestorehelp@airmail.cc.

Kizu's Ransom Note Asks for $490 in Ransom Payment

The full text of the Kizu ransom note reads as follows:

ATTENTION!

Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
hxxps://we.tl/t-lOjoPPuBzw
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.

To get this software you need write on our e-mail:
support@freshmail.top

Reserve e-mail address to contact us:
datarestorehelp@airmail.cc

Your personal ID:

How Can You Safeguard Your Data Against Ransomware like Kizu?

Protecting your data against ransomware like Kizu requires a multi-layered approach to cybersecurity. Here are some effective steps you can take to safeguard your data:

• Backup Regularly: Maintain frequent backups of your critical data on separate, offline storage or using reputable cloud backup services. In case of a ransomware attack, having backups ensures you can restore your files without giving in to the attacker's demands.
• Use Reliable Security Software: Install and regularly update reputable antivirus and anti-malware software on all your devices. These security tools can detect and prevent ransomware infections.
• Keep Software Updated: Regularly update your operating system, applications, and security software to patch any known vulnerabilities. Ransomware often exploits outdated software to gain access to your system.
• Enable Firewall Protection: Keep your firewall turned on to block unauthorized access to your network and devices.
• Be Cautious with Email Attachments and Links: Avoid opening suspicious emails, especially those from unknown senders, and never download attachments or click on links from untrusted sources. Ransomware can often spread through phishing emails.
• Use Strong Passwords and Multi-Factor Authentication: Employ strong, unique passwords for all your accounts, and consider enabling multi-factor authentication (MFA) to add an extra layer of security.