Payuransom Ransomware Locks Files
Payuransom is a type of ransomware engineered to encrypt files, adding the ".payuransom" extension to their filenames, altering the desktop wallpaper of the victim, and generating a ransom note named "ReadMeForDecrypt.txt". Its primary objective is to coerce money from its targets. For instance, it alters file names such as "1.jpg" to "1.jpg.payuransom" and "2.png" to "2.png.payuransom", and so forth.
The ransom note is available in Russian, English, and French. It notifies the victim about the ransomware infection, which has resulted in the encryption of all their files. It insists that decryption is only possible through the purchase of specialized software, priced at $130 and payable in Bitcoin (or Ethereum).
The note instructs the victim on how to obtain Bitcoin and suggests platforms for its purchase. Furthermore, it furnishes contact details for the attacker via email (imhere.ru77@gmail.com) or Telegram (@payurransom) for payment confirmation and the delivery of the decryption key.
The note induces a sense of urgency and reliance on the ransomware operators for file recovery. By highlighting the exclusive payment method and the repercussions of non-compliance, it seeks to compel the victim into immediate action.
Payuransom Ransom Note in Full
The complete lengthty text of the ransom note produced by Payuransom goes as follows:
ALL YOUR FILES ARE ENCRYPTED
Оставайтесь сосредоточенными.
Все ваши файлы зашифрованы
Ваш компьютер заражен вирусом-вымогателем.
Ваши файлы зашифрованы, и вы не будете
сможете расшифровать их без нашей помощи.
Что я могу сделать, чтобы восстановить файлы?
Вы можете купить наше программное обеспечение для дешифрования, это программное обеспечение позволит вам восстановить все ваши данные и удалить
программы-вымогатели с вашего компьютера.
Цена программного обеспечения составляет 130 долларов США (0,0027 BTC).
может быть произведена только в биткойнах.
Как оплатить, где я могу получить биткойны?
Покупка биткойнов варьируется от страны к стране, лучше всего выполнить быстрый поиск в Google.
Сами узнайте, как купить биткойн.
Многие из наших клиентов отмечают, что эти сайты работают быстро и надежно:
Коинмама — hxxps://www.coinmama.com
Битпанда — hxxps://www.bitpanda.com
BTC : 19DpJAWr6NCVT2oAnWieozQPsRK7Bj83r4
ETH : 0x55069B5317529E07ccABAaA5AaE22a9bfa1C3E12
Для подтверждения покупки свяжитесь с администратором по электронной почте или в Telegram:
Электронная почта — imhere.ru77@gmail.com
ТЛГ - @payurransomStay focused.
All your files have been encrypted
Your computer has been infected with a ransomware virus. Your files have been encrypted and you won't be
be able to decipher them without our help. What can I do to recover my files?
You can buy our decryption software, this software will allow you to recover all your data and delete the ransomware from your computer.
The price of the software is $130 (0.0027 BTC).
Payment can only be made in Bitcoin.
How to pay, where can I get Bitcoin?
Buying Bitcoin varies from country to country, it's best to do a quick Google search.
Yourself to find out how to buy Bitcoin.
Many of our customers have reported these sites to be fast and reliable:
Coinmama - hxxps://www.coinmama.com
Bitpanda - hxxps://www.bitpanda.com
BTC : 19DpJAWr6NCVT2oAnWieozQPsRK7Bj83r4
ETH : 0x55069B5317529E07ccABAaA5AaE22a9bfa1C3E12
To confirm your purchase, please contact the administrator via email or Telegram:
Email - imhere.ru77@gmail.com
TLG - @payurransomRestez concentré.
Tous vos fichiers ont été cryptés
Votre ordinateur a été infecté par un virus ransomware. Vos fichiers ont été cryptés et vous ne le serez pas pouvoir les décrypter sans notre aide.
Que puis-je faire pour récupérer mes fichiers ?
Vous pouvez acheter notre logiciel de décryptage, ce logiciel vous permettra de récupérer toutes vos données et de supprimer les
ransomware depuis votre ordinateur.
Le prix du logiciel est de 130 $ ( 0,0027 BTC).
Le paiement peut être effectué uniquement en Bitcoin.
Comment payer, où puis-je obtenir du Bitcoin ?
L'achat de Bitcoin varie d'un pays à l'autre, il est préférable de faire une recherche rapide sur Google.
Vous-même pour découvrir comment acheter du Bitcoin.
Beaucoup de nos clients ont signalé que ces sites étaient rapides et fiables :
Coinmama - hxxps://www.coinmama.com
Bitpanda - hxxps://www.bitpanda.com
BTC : 19DpJAWr6NCVT2oAnWieozQPsRK7Bj83r4
ETH : 0x55069B5317529E07ccABAaA5AaE22a9bfa1C3E12
Pour confirmer votre achat, veuillez contacter l'administrateur via mail ou Telegram :
Mail - imhere.ru77@gmail.com
TLG - @payurransom
How is Ransomware Commonly Distributed Online?
Ransomware is commonly distributed online through several methods, including:
Phishing Emails: Attackers often send deceptive emails containing malicious attachments or links. These emails may appear legitimate, often impersonating well-known companies or individuals. Clicking on links or opening attachments can result in the download and execution of ransomware.
Malvertising: Malicious advertisements (malvertising) on legitimate websites can redirect users to websites hosting exploit kits. These kits can exploit vulnerabilities in web browsers or plugins to silently install ransomware on the victim's system.
Exploit Kits: Cybercriminals use exploit kits to automate the process of exploiting vulnerabilities in software. When a user visits a compromised website, the exploit kit scans their system for vulnerabilities and delivers ransomware payloads to exploit them.
Remote Desktop Protocol (RDP) Attacks: Attackers target systems with weak or default Remote Desktop Protocol (RDP) credentials. Once they gain access, they install ransomware directly onto the compromised system or network.
Software Vulnerabilities: Ransomware can exploit unpatched vulnerabilities in operating systems, software applications, or network devices. Exploiting these vulnerabilities allows attackers to gain unauthorized access and deploy ransomware.
Drive-by Downloads: In drive-by download attacks, ransomware is automatically downloaded and installed when a user visits a compromised or malicious website, without any user interaction or consent.
Peer-to-Peer (P2P) Networks: Ransomware may be distributed through peer-to-peer file-sharing networks, disguised as legitimate software or media files. Unsuspecting users download and execute these files, inadvertently infecting their systems with ransomware.
Malicious Links in Instant Messaging and Social Media: Cybercriminals use social engineering tactics to distribute ransomware via instant messaging platforms, social media platforms, or other online communication channels. They may send malicious links or files disguised as legitimate content.
