What is the Sickfile Ransomware?

Sickfile is a ransomware-type program that our researchers recently discovered. Upon execution, it encrypts files and appends a ".sickfile" extension to their names. This means that a file titled "1.jpg" will appear as "1.jpg.sickfile", and so on for all affected files.

The ransomware then creates a ransom-demanding message called "how_to_back_files.html". It is clear from the note that Sickfile targets large entities rather than home users, as it states that their company networks have been breached and sensitive data has been exfiltrated.

Victims are warned not to attempt to modify or rename the encrypted files, or use third-party decryption software, as this will render them undecryptable. To restore the affected files, they must pay a ransom within 72 hours; otherwise, the sum will increase. If payment is refused altogether, the stolen data may be leaked or sold.

Sickfile ransomware is an insidious threat that can cause serious damage to businesses if left unchecked. It is important for organizations to ensure that their networks are secure and up-to-date with the latest security patches, as well as to have a reliable backup system in place in case of an attack.
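For incident scoping, the two file-system indicators described above (the ".sickfile" extension and the "how_to_back_files.html" note) can be inventoried across a share or disk image. The following is an added example, not code from the original article; the function names and the sample directory tree are constructed for illustration, and it assumes that the modification time of an encrypted file approximates when it was encrypted.

```python
import os
import tempfile
from collections import Counter
from datetime import datetime, timezone

ENCRYPTED_EXT = ".sickfile"             # extension named in the article
RANSOM_NOTE = "how_to_back_files.html"  # note filename named in the article


def triage(root):
    """Walk root and summarise Sickfile indicators for incident scoping."""
    encrypted, notes, per_dir = [], [], Counter()
    first_seen = None
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            lowered = name.lower()  # match regardless of filename case
            if lowered == RANSOM_NOTE:
                notes.append(path)
            elif lowered.endswith(ENCRYPTED_EXT):
                encrypted.append(path)
                per_dir[dirpath] += 1
                try:
                    mtime = os.stat(path).st_mtime
                except OSError:
                    continue  # unreadable file: counted, but no timestamp
                # Assumption: mtime approximates the time of encryption.
                if first_seen is None or mtime < first_seen:
                    first_seen = mtime
    return {
        "encrypted": sorted(encrypted),
        "notes": sorted(notes),
        "per_dir": dict(per_dir),  # directory -> number of encrypted files
        "earliest_mtime": (datetime.fromtimestamp(first_seen, timezone.utc)
                           if first_seen is not None else None),
    }


def build_sample_tree(root):
    """Constructed sample data: empty files that only mimic the naming."""
    layout = {"finance": ["1.jpg.sickfile", "q4.xlsx.sickfile", RANSOM_NOTE],
              "hr": ["policy.docx", "staff.csv.SICKFILE"]}
    for folder, names in layout.items():
        os.makedirs(os.path.join(root, folder), exist_ok=True)
        for name in names:
            open(os.path.join(root, folder, name), "w").close()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        report = triage(tmp)
        print(len(report["encrypted"]), "encrypted,", len(report["notes"]), "notes")
```

Run it read-only against a mounted copy or snapshot rather than the live system, so that file timestamps used for the timeline are not disturbed.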

The Sickfile ransom note in full

The complete text of the Sickfile ransom note reads as follows:

YOUR PERSONAL ID:

/!\ YOUR COMPANY NETWORK HAS BEEN PENETRATED /!\
All your important files have been encrypted!

Your files are safe! Only modified. (RSA+AES)

ANY ATTEMPT TO RESTORE YOUR FILES WITH THIRD-PARTY SOFTWARE
WILL PERMANENTLY CORRUPT IT.
DO NOT MODIFY ENCRYPTED FILES.
DO NOT RENAME ENCRYPTED FILES.

No software available on internet can help you. We are the only ones able to
solve your problem.

We gathered highly confidential/personal data. These data are currently stored on
a private server. This server will be immediately destroyed after your payment.
If you decide to not pay, we will release your data to public or re-seller.
So you can expect your data to be publicly available in the near future..

We only seek money and our goal is not to damage your reputation or prevent
your business from running.

You will can send us 2-3 non-important files and we will decrypt it for free
to prove we are able to give your files back.

Contact us for price and get decryption software.

Follow the instructions to open the link:

  1. Start a chat and follow the further instructions.
    If you can not use the above link, use the email:
    doctorhelperss@gmail.com
    helpersdoctor@outlook.com

To contact us, create a new free email account on the site: protonmail.com
IF YOU DON'T CONTACT US WITHIN 72 HOURS, PRICE WILL BE HIGHER.

Why is it not a good idea to pay ransom to cybercriminals similar to the hackers who operate the Sickfile ransomware?

Paying a ransom to cybercriminals such as the operators of the Sickfile ransomware is not a good idea for several reasons. Firstly, there is no guarantee that paying the ransom will result in the files being decrypted or returned. Cybercriminals may take the money and not follow through with their promise, leaving victims out of pocket and still without access to their data.

Secondly, paying a ransom encourages cybercriminals to continue their malicious activities, as it provides them with a financial incentive. This could lead to more attacks on other organizations in the future, which could have serious consequences for businesses and individuals alike.

Finally, paying a ransom could also put an organization at risk of further attacks from the same criminals, as they may view it as an easy target due to its willingness to pay up. For these reasons, it is generally advised that organizations do not pay ransoms and instead focus on preventing such attacks in the first place.

How can you protect your system from ransomware like Sickfile?

In order to protect your system from ransomware like Sickfile, it is important to take a proactive approach to cybersecurity. This includes regularly updating software and operating systems, using strong passwords and two-factor authentication, and avoiding clicking on suspicious links or downloading files from untrusted sources.

Additionally, organizations should ensure that their networks are secure by implementing firewalls and other security measures. It is also important to have a reliable backup system in place so that if an attack does occur, the data can be restored quickly without having to pay a ransom. Finally, it is essential for organizations to educate their employees on the risks of ransomware and how they can help protect against it.

January 30, 2023