Rapid Ransomware Will Lock Your System

Rapid, a type of ransomware affiliated with the MedusaLocker family, was identified during an analysis of samples on VirusTotal. The primary objective of Rapid is to impede access to files through encryption. Additionally, the ransomware alters file names by appending its own extension and generates a ransom note named "How_to_back_files.html."

Files are given the ".rapid3" extension, with the specific number in the extension varying. For example, "1.jpg" becomes "1.jpg.rapid3," and "2.png" becomes "2.png.rapid3."

The ransom note asserts that essential files have been encrypted using RSA and AES algorithms. It strongly advises against attempting file restoration using third-party software, claiming it would result in irreversible corruption. The note emphasizes that no internet-available software can resolve the issue, insisting that the only viable solution lies with the attackers.

The ransomers allege to have acquired highly sensitive data, stored on a private server, which will be deleted upon payment. Non-compliance may result in the public disclosure of this data. Contact details (ithelp07@securitymy.name and ithelp07@yousheltered.com email addresses) are provided, accompanied by a warning that failure to respond within 72 hours will lead to an increased ransom amount.

Rapid Ransom Note Uses Usual MedusaLocker Format

The complete text of the ransom note generated by Rapid reads as follows:

YOUR PERSONAL ID:

YOUR COMPANY NETWORK HAS BEEN PENETRATED
All your important files have been encrypted!

Your files are safe! Only modified. (RSA+AES)

ANY ATTEMPT TO RESTORE YOUR FILES WITH THIRD-PARTY SOFTWARE
WILL PERMANENTLY CORRUPT IT.
DO NOT MODIFY ENCRYPTED FILES.
DO NOT RENAME ENCRYPTED FILES.

No software available on internet can help you. We are the only ones able to
solve your problem.

We gathered highly confidential/personal data. These data are currently stored on
a private server. This server will be immediately destroyed after your payment.
If you decide to not pay, we will release your data to public or re-seller.
So you can expect your data to be publicly available in the near future..

We only seek money and our goal is not to damage your reputation or prevent
your business from running.

You will can send us 2-3 non-important files and we will decrypt it for free
to prove we are able to give your files back.

Contact us for price and get decryption software.

email:
ithelp07@securitymy.name
ithelp07@yousheltered.com
To contact us, create a new free email account on the site: protonmail.com
IF YOU DON'T CONTACT US WITHIN 72 HOURS, PRICE WILL BE HIGHER.

Tor-chat to always be in touch:

How Can You Best Protect Your Data from Ransomware Attacks?

Protecting your data from ransomware attacks is crucial to ensure the security and integrity of your information. Here are several best practices to help safeguard your data:

Backup Regularly:
Perform regular backups of your important data. Ensure that backups are stored in a location not directly accessible from your network to prevent ransomware from encrypting them.

Use Reliable Security Software:
Install and regularly update reputable antivirus and anti-malware software. This helps detect and prevent ransomware infections.

Keep Software Updated:
Regularly update your operating system, software, and applications. Software updates often include security patches that can protect your system from known vulnerabilities.

Exercise Caution with Emails:
Be cautious when opening emails, especially those from unknown senders. Avoid clicking on links or downloading attachments from suspicious or unexpected emails.

Enable Email Filtering:
Use email filtering solutions to detect and filter out malicious emails before they reach your inbox. This can help prevent phishing attacks that may lead to ransomware infections.