Weqp Ransomware Locks Victim Systems
After carefully analyzing malware samples, our team of experts specializing in malware detection has identified a new variant called Weqp, which belongs to the Djvu ransomware family. Weqp functions by encrypting data and adding the ".weqp" extension to the files it compromises. In addition, it generates a ransom note named "_readme.txt".
To illustrate its file manipulation behavior, Weqp will modify the names of files such as "1.jpg" to "1.jpg.weqp" and "2.png" to "2.png.weqp," continuing in a similar fashion. It's worth mentioning that Djvu ransomware variants are frequently distributed alongside information-stealing malware.
The message left by the attackers emphasizes that the files have been securely encrypted, and the only viable method to regain access to them is by obtaining specialized decryption software along with a unique key. The tools required for decryption are priced at $980, but a 50% discount is offered to victims who contact the attackers within 72 hours, effectively reducing the price to $490.
The ransom note underscores that payment is the sole avenue for victims to restore their files. To prove their ability to decrypt files, the attackers offer to decrypt a single file free of charge. The note provides two email addresses, namely support@freshmail.top and datarestorehelp@airmail.cc, as the means for victims to establish contact with the perpetrators.
Weqp Ransom Note Asks for $490
The full text of the Weqp ransom note reads as follows:
ATTENTION!
Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
hxxps://we.tl/t-3q8YguI9qh
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.To get this software you need write on our e-mail:
support@freshmail.topReserve e-mail address to contact us:
datarestorehelp@airmail.ccYour personal ID:
How Can Ransomware Like Weqp Get on Your Computer?
Once ransomware like Weqp is on your computer, it can quickly spread to other computers on the same network. This is done by exploiting security vulnerabilities, or by taking advantage of users' poor security practices. It's important to remain vigilant and take measures to protect yourself from ransomware attacks.
First, make sure that you always keep your operating system, software programs, and antivirus programs up to date with the latest security patches. Outdated programs are more vulnerable to attack and can be exploited by ransomware threats.
Second, only download software from official sources or reputable websites. Be wary of clicking on suspicious links, as they could lead to malicious websites that contain malware or ransomware.
Third, create a good backup strategy in case your files become encrypted by ransomware. Make sure to back up files regularly and store the copies in a secure location, such as an external drive or cloud storage service.
Fourth, establish strong passwords for all of your online accounts and avoid using the same password across multiple sites. Additionally, enable two-factor authentication if available, so that you can be alerted whenever someone attempts to access your accounts.
Finally, use a reliable antiv irus program to scan your computer regularly and protect against malicious attacks.
