The Mine ransomware is a new malware strain. Mine is a ransomware, which means it encrypts files on the victim system, making them unreadable. The Mine ransomware belongs to the family of ransomware types bundled together under the Djvu ransomware family.
The Mine ransomware encrypts a wide range of common media, document and database files, making their contents unreadable. The encrypted files keep their filenames and extensions but get a new ".mine" extension appended after the original one. In this way, a file called "letter.docx" will become "letter.doc.mine" once the ransomware has encrypted it.
The ransomware threat actor operating Mine is asking for a relatively modest ransom sum, given the types of ransom high-profile ransomware operations ask for. Recovery of encrypted files is promised against the payment of just under $500 if the victim contacts the hackers within 72 hours of infection. The rate for the supposed decryption tool rises to almost $1000 dollars beyond the 72-hour period.
The ransomware drops its ransom demands in a plain text file called "_readme.txt", just like other Djvu family ransomware strains. The full text of the note goes as follows:
Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.
To get this software you need write on our e-mail:
manager at time2mail dot ch
Reserve e-mail address to contact us:
supportsys at airmail dot cc
Your personal ID: [alphanumeric string]
There is no freely available decryption tool that can help victims recover files encrypted by this specific version of the ransomware, even though it's based on Djvu, which had a free decryptor a couple of years ago. The only solution if you need to recover your files and don't want to gamble money away paying the ransom, would be restoring your files from a backup.