What is the Poqw Ransomware?

ransomware

Poqw is a type of ransomware that encrypts files and adds the extension ".poqw" to the filenames. It was discovered while analyzing malware samples submitted to online threat databases. Poqw may be bundled together with information stealers such as Vidar and RedLine stealer.

The ransom note left by Poqw contains two email addresses, support@freshmail.top and datarestorehelp@airmail.cc, urging victims to contact the attackers within 72 hours or else they will have to pay $980 instead of $490 for the decryption software and key.

In order to prove their legitimacy, Poqw's creators offer victims a free decryption of one file if it does not contain valuable information. This is done by sending the encrypted file to the cybercriminals before paying any ransom money.

It is important for users to be aware of Poqw ransomware in order to protect their data from being encrypted and held hostage by malicious actors. Taking preventative measures such as regularly backing up data can help reduce the risk of becoming a victim of this type of attack.

The full Poqw ransomware note reads as follows:

ATTENTION!

Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
hxxps://we.tl/t-GTrvfBi8hs
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.

To get this software you need write on our e-mail:
support@freshmail.top

Reserve e-mail address to contact us:
datarestorehelp@airmail.cc

Your personal ID:

How can you protect your computer from ransomware like Poqw?

In order to protect yourself from ransomware, it is important to take preventative measures such as regularly backing up your data. This way, if you do become a victim of ransomware, you can restore your files from the backup without having to pay the ransom. Additionally, it is important to be aware of the latest threats and keep your computer and software up-to-date with the latest security patches. It is also recommended to use strong passwords and two-factor authentication when available. Finally, avoid clicking on suspicious links or downloading attachments from unknown sources as these can contain malicious code that could lead to a ransomware attack.

What can you do to safeguard your files against ransomware like Poqw?

In order to safeguard your data against ransomware, it is important to take preventative measures such as regularly backing up your data. This way, if you do become a victim of ransomware, you can restore your files from the backup without having to pay the ransom. Additionally, it is important to be aware of the latest threats and keep your computer and software up-to-date with the latest security patches. It is also recommended to use strong passwords and two-factor authentication when available. Finally, avoid clicking on suspicious links or downloading attachments from unknown sources as these can contain malicious code that could lead to a ransomware attack.

It is also important to ensure that all of your devices are protected with antivirus software and firewalls in order to detect any malicious activity before it can cause damage. Additionally, make sure that all of your devices are running the latest version of their operating system as this will help protect them from known vulnerabilities. Furthermore, users should be careful when opening emails or visiting websites as these can be used by cybercriminals to deliver ransomware payloads. Finally, users should always practice safe browsing habits and only download software from trusted sources in order to reduce their risk of becoming a victim of ransomware attacks.

January 16, 2023