Mzqw Ransomware is a New Djvu Clone

Mzqw is a type of ransomware that belongs to the Djvu family. It was identified by malware researchers while examining samples submitted to online threat databases.

Mzqw encrypts data and adds a ".mzqw" extension to filenames, as well as dropping a ransom note called "_readme.txt". It is known that this type of ransomware is often distributed alongside information stealers such as RedLine and Vidar.

The ransom note states that victims must purchase decryption software and a unique key in order to restore access to their files. If they contact the threat actors within 72 hours using either support@freshmail.top or datarestorehelp@airmail.cc, they will be able to buy the decryption tools for $490 instead of $980.

Additionally, victims are allowed to send one encrypted file for free decryption before paying the ransom or buying the decryption tools.

The Mzqw ransomware note in full

The complete text contained in the "_readme.txt" file reads as follows:

ATTENTION!

Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
hxxps://we.tl/t-cud8EGMtyB
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.

To get this software you need write on our e-mail:
support@freshmail.top

Reserve e-mail address to contact us:
datarestorehelp@airmail.cc

Your personal ID:

What can you do to protect your files from an attack from ransomware like the Mzqw ransomware

To protect your data from ransomware attacks, it is important to take the steps needed to ensure that your computer and network are secure. This includes regularly updating software and your operating system, using strong passwords, avoiding suspicious emails and websites, backing up important files on a regular basis, and using reliable antivirus software. Additionally, users should be aware of phishing scams and other malicious activities that could lead to a ransomware attack. Users should make sure to keep their system patched with the latest security updates in order to minimize the risk of infection.

How can ransomware like Mzqw get inside your system?

Ransomware is a type of malicious software that can infect a computer system and encrypt its data, making it inaccessible until a ransom is paid. Ransomware can get into your computer in several ways, including through phishing emails, malicious websites, or by exploiting unpatched security vulnerabilities. It is important to be aware of the signs of ransomware infection, such as unexpected pop-ups or changes to your files. Additionally, users should take steps to protect their systems from ransomware attacks by regularly updating software and operating systems, using strong passwords, avoiding suspicious emails and websites, backing up important files on a regular basis, and using reliable antivirus software. Finally, users should make sure to keep their system patched with the latest security updates in order to minimize the risk of infection.

January 19, 2023