MALARIA VIRUS Ransomware Threatens Data Leaks

Our researchers identified the MALARIA VIRUS ransomware during a review of new file samples. This malicious software is a variant based on the Chaos ransomware. When we ran a sample of MALARIA VIRUS on our test system, it encrypted files and altered their filenames.

The original filenames were modified by appending an extension consisting of four random characters. For instance, a file named "1.jpg" was transformed into "1.jpg.pl4s", "2.png" became "2.png.mlr1", and so forth for all affected files on our test system.

Following the encryption process, the ransomware changed the desktop wallpaper and placed a ransom note named "INSTRUCTIONS.txt". The note informs the victim that their files have been encrypted and claims that all of their devices have been infected and that sensitive data has been extracted from them.
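The renaming pattern and note name described above can be turned into a quick triage check. The following is an added example, not code from the original analysis: it walks a directory tree and flags folders where several files carry a known extension followed by a varying four-character suffix, or where "INSTRUCTIONS.txt" sits beside such files. The suffix character set, the extension allow-list and the thresholds are assumptions.

```python
import os
import re
import tempfile

# Assumption: the suffix is 4 lowercase letters/digits, as in the article's
# examples ("pl4s", "mlr1"); widen the character class if samples differ.
RENAMED = re.compile(r"^.+\.(?P<orig>[A-Za-z0-9]{2,5})\.(?P<rand>[a-z0-9]{4})$")
# Assumption: a short allow-list of extensions worth checking.
KNOWN_EXT = {"jpg", "jpeg", "png", "gif", "pdf", "doc", "docx", "xls", "xlsx", "txt"}
NOTE_NAME = "INSTRUCTIONS.txt"  # ransom note name reported in the article


def triage(root, min_hits=3):
    """Map each suspicious directory under root to a small report dict."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        hits, suffixes = [], set()
        for name in files:
            m = RENAMED.match(name)
            if m and m.group("orig").lower() in KNOWN_EXT:
                hits.append(name)
                suffixes.add(m.group("rand"))
        note = NOTE_NAME in files
        # Per-file random suffixes yield many distinct values; one suffix shared
        # by every hit (".bak1", ".orig") points to a benign naming convention.
        varied = len(suffixes) >= max(2, len(hits) // 2)
        if (len(hits) >= min_hits and varied) or (note and hits):
            findings[dirpath] = {
                "renamed": sorted(hits),
                "distinct_suffixes": len(suffixes),
                "note_present": note,
            }
    return findings


if __name__ == "__main__":
    # Constructed sample tree: empty files named like the article's examples.
    with tempfile.TemporaryDirectory() as root:
        for name in ["1.jpg.pl4s", "2.png.mlr1", "3.pdf.x9qa", NOTE_NAME]:
            open(os.path.join(root, name), "w").close()
        for path, report in triage(root).items():
            print(path, report)
```

A hit is a heuristic signal only; confirm by checking whether the flagged files still open in their original format.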

The victim is instructed to purchase decryption software for $149.99, payable in Monero (XMR) cryptocurrency. The note also specifies the ransom amount as 1.235 XMR, approximately equivalent to $150 (bearing in mind that conversion rates fluctuate).

The note gives a deadline of twenty-four hours for compliance. It threatens that failure to pay will result not only in continued loss of access to the affected data but also in the leaking of stolen files and information (e.g., photos, videos, search history, notes, etc.) to the victim's contact list.

MALARIA Ransom Note in Full

The full text of the ransom note produced by the MALARIA ransomware reads as follows:

THE MALARIA VIRUS™

YOU HAVE BEEN HACKED

All of your files are now encrypted…

Your computer was infected with a ransomware virus.
Your files are now encrypted and you will not be able to access them without our help.

What can I do to get my files back?

You can order our decryption software, which will allow you to recover all of your data and remove the ransomware from your computer. The price for the software is $149.99. Payment is made EXCLUSIVELY through a cryptocurrency called MONERO (XMR).

BEFORE WE CONTINUE

Just a quick disclamer…

It ain't just your personal computer that we currently have access to. Far from that. We have remote access to EVERY device on your home network, together with data on such devices.

Failure to make a successful transaction will result in all of your personal information (photos, videos, search history, notes etc.) being published to the people from your contacts list. It would be a pretty unpleasant scenario, but it can easily be avoided.

Deleting them won't help you, as they are already backed up on our servers, in case you believe you can outsmart us.
No guide, expert, google search or an authority will help you resolve this, only a quick transaction (more on it later on).

If you still believe we are bluffing, test your luck.

You have 24 HOURS to complete the transaction…

How do I Pay?

Purchasing Monero is not difficult, the best you can do is a quick google search on how to acquire some.

These sites are said to be the easiest to understand and most reliable:

hxxps://www.coinbureau.com/guides/how-to-use-monero/
hxxps://www.getmonero.org/resources/user-guides/make-payment.html

You can send the specified amount to any of these 5 addresses:


Payment amount: 1.235 XMR (Adjust it to the current value, it should be $150)

MAKE SURE TO LEAVE YOUR E-MAIL IN THE DESCRIPTION WHEN SENDING FUNDS!

Otherwise we won't know who to send the software to.

THE MALARIA VIRUS™

How Can Ransomware Infect Your System?

Ransomware can infect your system through various methods, including:

Phishing Emails: One common method is through phishing emails that contain malicious attachments or links. When a user clicks on these links or downloads and opens the attachments, the ransomware can be installed on the system.

Malicious Websites: Visiting compromised or malicious websites can also lead to drive-by downloads, where ransomware is automatically downloaded and executed on your system without your knowledge or consent.

Vulnerable Software: Exploiting vulnerabilities in software or operating systems (through methods like exploit kits) can allow ransomware to gain access to your system. It's crucial to keep your software and operating systems up to date with the latest security patches to mitigate this risk.

Remote Desktop Protocol (RDP) Attacks: Attackers can exploit weak or unprotected Remote Desktop Protocol connections to gain access to your system and deploy ransomware.

Malvertising: Malicious advertisements (malvertising) on legitimate websites can redirect users to websites hosting ransomware or initiate automatic downloads of ransomware onto the system.

External Storage Devices: Connecting infected external storage devices like USB drives or external hard drives to your system can introduce ransomware if the devices themselves are compromised.

Software Downloads: Downloading software from untrusted or unofficial sources (especially pirated or cracked software) can expose your system to ransomware and other malware.

Social Engineering: Attackers can use social engineering tactics to trick users into running malicious scripts or granting administrative privileges to ransomware.

May 7, 2024