Remove Yajoza Ransomware

Ransomware Protection

The Yajoza Ransomware is a dangerous file-encryption Trojan, which is usually delivered to victims with the help of fake downloads, deceptive advertisements and websites, or pirated media and software. Once running, the Yajoza Ransomware proceeds to lock the victims files by using a secure file-encryption method. It also marks the names of all files with the suffix '[golpayagob@gmail.com].[MJ-<VICTIM ID>].yajoza.' This file-locker has been identified as a modified variant of the VoidCrypt Ransomware family. Unfortunately, this is not good news – neither of these file-lockers is decryptable via free utilities, and their victims need to look for alternative data recovery options.

The attackers claim to have the decryption tool needed to unlock the victim's files, but they want to be paid a hefty sum of money in return. Of course, just like other cybercriminals, they also demand to be paid through Bitcoin in order to guarantee their anonymity, as well as to make the transactions irreversible.

The full instructions and demands of the attackers can be found in the file 'Decrypt-me.txt' that the Yajoza Ransomware drops on all infected devices. We advise victims to refrain from contacting the criminals or to even consider trying to purchase the decryptor. If you send them money, you risk being scammed. Instead, run an anti-malware tool to eliminate the Yajoza Ransomware safely. Once the file-locker is gone, you can try out popular data recovery tools or restore your files from a backup.

May 12, 2021

Leave a Reply