What is TeamDarkAnon Ransomware?


TeamDarkAnon is the unusual name of a new ransomware variant. The new strain does not belong to any specific larger family of ransomware clones.

TeamDarkAnon will encrypt the victim system and rename files as it encrypts them. Affected file types include all media, document, archive and database files. Once encrypted, files receive the ".anon" extension.

This process will turn a file from "image.jpg" into "image.jpg.anon" upon encryption.

Once it finishes encrypting all files, TeamDarkAnon will drop its ransom note inside a file named "read_it.txt". The full ransom note goes as follows:

Don't worry, you can return all your files!

All your files like documents, photos, databases and other important are encrypted

What guarantees do we give to you?

You must follow these steps To decrypt your files :

1) Open Telegram and Come @TeamDarkAnon

2) Obtain Bitcoin (You have to pay for decryption in Bitcoins.

After payment we will send you the tool that will decrypt all your files.)

It is becoming increasingly common for ransomware operators to use Telegram as their means of contacting the victims, due to the medium's privacy and encryption.

September 29, 2022