Mesmerised Ransomware Encrypts Victim Files
Our research team came across Mesmerised ransomware while examining recently discobered file samples. This malicious software is crafted to encrypt files and demand ransom payments for decryption.
During our testing on a system, Mesmerised successfully encrypted files and modified their filenames. Specifically, it appended a ".mesmerised" extension to the names of the affected files; for instance, "1.jpg" was transformed into "1.jpg.mesmerised," and "2.png" became "2.png.mesmerised," and so forth.
Upon completing the encryption process, the ransomware changed the desktop wallpaper and generated a ransom note named "Read_Me.txt." The message from Mesmerised ransomware assures victims that restoring encrypted files is feasible. As evidence, the note offers complimentary decryption for three files and urges victims to contact the attackers for further instructions.
Mesmerised Ransom Note Provided Tox Chat Contact
The full text of the Mesmerised ransom note reads as follows:
Don't worry, you can return all your files!
All your files like documents, photos, databases and other important are encrypted
What guarantees do we give to you?
You can send 3 of your encrypted files and we decrypt it for free.
You must follow these steps To decrypt your files :
1) Download uTox Chat from hxxps://tox.chat/ then message E17712C45962279BAE0805044C6626CF11E033229AB539C23D0080A24486861B30A20C898E4E
or message @01oq9iw on discord2) Wait for futher instructions
Why Is It Not a Good Idea to Pay Ransom Demands for Your Files?
Paying ransom demands for your files is generally not recommended for several reasons:
No Guarantee of Decryption:
There's no assurance that paying the ransom will result in the successful decryption of your files. Cybercriminals may not provide the necessary decryption key or may provide a faulty one, leaving you without your files and your money.
Supporting Criminal Activities:
Paying the ransom funds criminal activities and encourages cybercriminals to continue their malicious operations. It contributes to the growth of the cybercrime ecosystem, making it more profitable and enticing for criminals to conduct further attacks.
No Ethical Guarantee:
Even if you pay the ransom, there's no guarantee that the attackers will adhere to any ethical standards. They may still misuse or sell your sensitive information, or they might target you again in the future.
Funding Future Attacks:
By paying the ransom, you are indirectly funding future cyber attacks. The financial success of ransomware attacks encourages cybercriminals to develop and deploy more sophisticated and widespread threats.
Encouraging Targeting:
Paying the ransom may mark you as a willing target for future attacks. Cybercriminals often maintain lists of organizations or individuals who have paid, viewing them as potential repeat targets.
Possible Recurrence:
Even if you successfully decrypt your files, your system may still be compromised. The attackers might have left behind malware or backdoors, making it easier for them to strike again.
