Loplup Ransomware Uses Tox Chat for Contact
Loplup ransomware is the name of a newly discovered ransomware variant. The new strain is a member of the relatively unpopular Zeppelin ransomware family.
Loplup encrypts the victim system, leaving files essentially unreadable. The encryption process will affect the majority of file extensions on the system's drives, including media, document, archive and database files, among others.
Encrypted files receive a multi-string extension, consisting of the victim's ID code and the string ".loplup". This will turn a file originally named "document.doc" into "document.doc.loplup.[id string].
The ransom note is dropped inside a file named "!!! ALL YOUR FILES ARE ENCRYPTED !!!.TXT" and it contains the following text:
!!! ALL YOUR FILES ARE ENCRYPTED !!!
All your files, documents, photos, databases and other important files are encrypted.
You are not able to decrypt it by yourself! The only method of recovering files is to purchase an unique private key.
Only we can give you this key and only we can recover your files.
To be sure we have the decryptor and it works you can send an email: email@example.com and decrypt one file for free.
But this file should be of not valuable!
Do you really want to restore your files?
Write to email: loplup at cock dot li
1. Visit hxxps://tox.chat/download.html
2. Download and install qTOX on your PC.
3. Open it, click "New Profile" and create profile.
4. Click "Add friends" button and search our contact - 126E30C4CC9DE90F79D1FA90830FDC2069A2E981ED26B6DC148DA8827FB3D63A1B46CFDEC191
Your personal ID: -
* Do not rename encrypted files.
* Do not try to decrypt your data using third party software, it may cause permanent data loss.
* Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a scam.