Uajs Ransomware Locks Most File Types

After analyzing malware samples, we discovered that Uajs belongs to the Djvu ransomware group. Uajs functions by encrypting files and appending the ".uajs" extension to their filenames. For example, it changes "1.jpg" to "1.jpg.uajs", "2.png" to "2.png.uajs", and so forth.

Additionally, Uajs generates a ransom note in the form of a text file named "_README.txt". It's worth noting that those responsible for Djvu ransomware often integrate data-stealing malware such as Vidar or RedLine into their malicious endeavors.

The ransom note specifies that a wide range of files, including images, databases, and documents, have been encrypted using a robust algorithm. The sole means of restoring these files is by acquiring a specialized decryption tool and a unique key. The perpetrators demand a payment of $999 for these decryption tools, offering a 50% discount if the victim contacts them within 72 hours.

Furthermore, the cybercriminals offer to demonstrate their decryption capabilities by decrypting one file free of charge. However, they specify that the submitted file should not contain valuable information. The email addresses provided for contacting the cybercriminals are support@freshingmail.top and datarestorehelpyou@airmail.cc.

Uajs Ransom Note Demands $999

The full text of the Uajs ransom note reads as follows:

ATTENTION!

Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
Do not ask assistants from youtube and recovery data sites for help in recovering your data.
They can use your free decryption quota and scam you.
Our contact is emails in this text document only.
You can get and look video overview decrypt tool:

Price of private key and decrypt software is $999.
Discount 50% available if you contact us first 72 hours, that's price for you is $499.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.

To get this software you need write on our e-mail:
support@freshingmail.top

Reserve e-mail address to contact us:
datarestorehelpyou@airmail.cc

Your personal ID:

How Can Ransomware Like Uajs Infect Your System?

Ransomware like Uajs can infect your system through various means, primarily exploiting vulnerabilities in software or through social engineering tactics. Here are some common infection vectors:

Phishing Emails: One of the most prevalent methods is through phishing emails. Attackers send deceptive emails containing malicious attachments or links. Clicking on these links or downloading attachments can trigger the installation of ransomware.

Malicious Websites: Visiting compromised or malicious websites can also lead to ransomware infections. These websites may exploit vulnerabilities in your browser or plugins to deliver malware onto your system without your knowledge.

Exploiting Software Vulnerabilities: Ransomware can exploit vulnerabilities in software or operating systems to gain unauthorized access to your system. It's crucial to keep your software, including your operating system, web browsers, and plugins, updated with the latest security patches to mitigate these risks.

Drive-by Downloads: Drive-by downloads occur when malware is automatically downloaded and installed on your system without your consent while visiting a compromised website. This often happens through malicious scripts or exploit kits embedded in the website's code.

Malvertising: Malvertising involves the dissemination of malicious advertisements on legitimate websites. Clicking on these ads can redirect users to websites hosting ransomware or trigger the automatic download of ransomware onto the system.

Software Downloads from Untrusted Sources: Downloading software or files from untrusted or pirated sources can expose your system to ransomware. These downloads may contain hidden malware payloads that execute upon installation.

To protect your system from ransomware infections, it's essential to implement robust cybersecurity measures, including regular software updates, antivirus software, email filtering, user education, and exercising caution when interacting with online content. Additionally, maintaining up-to-date backups of your important data can help mitigate the impact of a ransomware attack.