NIGHT CROW Ransomware Asks for Ten-Dollar Ransom

ransomware lock

Our research team came across the NIGHT CROW ransomware during our examination of new file submissions. This malicious software has been designed with the purpose of encrypting data and then demanding payment in exchange for the decryption key.

When we tested NIGHT CROW on our machine, it successfully encrypted files and added an extension to their filenames. Specifically, it appended ".NIGHT_CROW" to the original filenames. For example, a file initially named "1.jpg" would become "1.jpg.NIGHT_CROW," and "2.png" would become "2.png.NIGHT_CROW," and so on. Following this encryption, a ransom note titled "NIGHT_CROW_RECOVERY.txt" was placed on the system.

The message within NIGHT CROW's ransom note notifies the victim that their files have been encrypted, but also offers reassurance that the data can be recovered. It then provides instructions for the victim to pay a ransom of 0.000384 BTC (Bitcoin cryptocurrency). At the current exchange rate, this amount is equivalent to approximately 10 USD, which is surprisingly low for ransomware.

However, it's important to note that exchange rates can fluctuate frequently. Therefore, the value of the ransom might have been different when the malware was created, and this could also apply to future variations of the ransomware.

Alternatively, the ransom amount could have been deliberately set low, possibly indicating that NIGHT CROW was released for testing purposes only. Consequently, later versions of the ransomware may demand significantly larger sums from victims.

NIGHT CROW Ransom Note Asks for 0.0003 BTC Ransom

The full text of the NIGHT CROW ransom note reads as follows:

NIGHT CROW IS HERE.

Hey! All of your documents, personal and other files are encrypted by NIGHT CROW RANSOMWARE.
But don't worry, we got you! All of your files are recoverable, but you need to pay.

Looks like you didn't waste a few money on a good protection for you pc, and here's the result.

HOW TO RECOVER YOUR FILES:
1) SEND 0,000384BTC TO 17CqMQFeuB3NTzJ2X28tfRmWaPyPQgvoHV
2) CONTACT nightcrowsupport@protonmail.com

IMPORTANT INFORMATION:
1) Do not rename any encrypted files.
2) Do not change any regedit values.
3) Do not try to decrypt by yourself.

How Can You Protect Your Data From Ransomware Attacks?

Protecting your data from ransomware attacks is crucial in today's digital landscape. Ransomware attacks can be devastating, but there are several measures you can take to safeguard your data:

Regularly Back Up Your Data:
Create frequent backups of your important data and ensure they are stored securely offline. This way, if your data is compromised, you can restore it without paying a ransom.

Use Reliable Security Software:
Install and regularly update reputable antivirus and anti-malware software. Ensure that it includes ransomware protection features.

Keep Your Software Up to Date:
Regularly update your operating system, software applications, and security software. Many ransomware attacks exploit vulnerabilities in outdated software.

Beware of Phishing Emails:
Be cautious when opening email attachments or clicking on links, especially if the sender is unknown or the email looks suspicious. Phishing emails are a common delivery method for ransomware.

Use Strong, Unique Passwords:
Create strong, complex passwords for your accounts and change them regularly. Consider using a reputable password manager to help manage your passwords.

Implement Two-Factor Authentication (2FA):
Enable 2FA for your online accounts whenever possible. This adds an extra layer of security even if your password is compromised.

By Zaib
September 27, 2023
Ransomware
English
September 27, 2023
Ransomware

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

4 years ago

Microsoft Warns State-Backed Threat Actors Are Using AI in...

4 days ago

Trojan Al11 Malware Detection & Removal - An Essential...

11 months ago

Pinaview is a Fully-Featured Adware App

10 months ago

"Your iCloud is Being Hacked" and "Your iPhone has Been...

7 months ago

What is Lucky Ransomware?

7 months ago

Related Posts

Ransomware

Kriptor Ransomware Asks for Bitcoin Ransom

Yet another strain of file-encrypting malware was spotted in the wild. The newest strain is called the Kriptor ransomware. The Kriptor ransomware will encrypt almost every file on a system, leaving files essential to... Read more

July 25, 2022
Ransomware

Wizard Ransomware Asks for Modest Ransom

Wizard ransomware is the name of a newly discovered strain of file-encrypting malware. The new variant does nothing special. It will encrypt most files on the targeted computer, leaving them scrambled and unreadable.... Read more

September 30, 2022
Ransomware

Canadian Ransomware Asks for Ransom in Canadian Dollars

Canadian ransomware is the name assigned to a newly discovered strain of file-encrypting malware. The new ransomware variant works like most similar malware - it will encrypt files on the victim system and leave them... Read more

November 21, 2022
English
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Backup Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Backup's Terms of Service Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2024 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.