Nbzi Ransomware Will Lock Victims' Files
After analyzing new malware samples, we discovered Nbzi - a type of ransomware associated with the Djvu family. Nbzi encrypts files on the victim's system and modifies their filenames by appending the ".nbzi" extension. Additionally, Nbzi generates a ransom note in the form of a "_readme.txt" file.
For instance, the renaming process for files encrypted by Nbzi follows this pattern: "1.jpg" becomes "1.jpg.nbzi," and "2.png" transforms into "2.png.nbzi."
The encrypted files are safeguarded with a robust algorithm and a unique key. The sole method for file recovery involves purchasing a decrypt tool and obtaining the unique key. To demonstrate their decryption capabilities, the attackers offer to decrypt one file for free as proof of their proficiency.
The ransom note features a time-sensitive discount and provides two email addresses (support@freshmail.top and datarestorehelpyou@airmail.cc) for communication. Emphasis is placed on the urgency of responding within 72 hours, and a warning is issued that data restoration is deemed impossible without payment.
Nbzi Ransom Note Follows Familiar Djvu Format
The full text of the Nbzi ransom note reads as follows:
ATTENTION!
Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
hxxps://we.tl/t-8dGJ2tqlOd
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.To get this software you need write on our e-mail:
support@freshmail.topReserve e-mail address to contact us:
datarestorehelpyou@airmail.ccYour personal ID:
How Can You Best Protect Your Data from Ransomware Attacks?
Protecting your data from ransomware attacks is crucial in maintaining the integrity and confidentiality of your information. Here are some best practices to help you safeguard your data:
Regular Backups:
Regularly back up your important data to an external device or a secure cloud service. Ensure that backups are automated, and verify their integrity periodically.
Offline Backups:
Keep a portion of your backups offline to prevent them from being compromised by ransomware. Disconnect external backup drives after the backup process.
Use Reliable Security Software:
Install and regularly update reputable antivirus and anti-malware software. Keep these security programs running in the background to detect and block potential threats.
Update Software Promptly:
Ensure that your operating system, antivirus software, and all applications are up to date with the latest security patches. Regular updates help close vulnerabilities that could be exploited by ransomware.
Exercise Caution with Email:
Be cautious when opening email attachments or clicking on links, especially if the sender is unknown. Avoid downloading attachments or clicking on links from suspicious or unexpected emails.
User Education:
Educate yourself and your team about the dangers of phishing attacks and social engineering tactics. Be wary of unexpected emails, especially those requesting sensitive information or actions.
Network Security:
Implement strong network security measures, including firewalls, intrusion detection systems, and secure Wi-Fi networks. Regularly update router firmware and use strong, unique passwords.
