Yzoo Ransomware Will Hold Your Files Hostage
While examining a set of malicious software samples, we came across Yzoo ransomware, a member of the Djvu malware family. Once it infiltrates a computer, this malicious program encrypts files and appends the ".Yzoo" extension to their file names. For example, it will transform "1.jpg" into "1.jpg.Yzoo" and "2.png" into "2.png.Yzoo."
Yzoo also generates a ransom message in the form of a text document named "_readme.txt." Additionally, the distribution of Yzoo may involve other types of malware specifically designed for data theft, such as Vidar or RedLine.
The message clarifies that all files, encompassing images, databases, documents, and vital data, have been securely and distinctively encrypted. It instructs victims to acquire a decryption tool and a key in order to regain access to their files.
The cost for obtaining the private key and decryption software is $980, although victims are eligible for a 50% discount if they reach out to the cybercriminals responsible for the attack within 72 hours, thereby reducing the cost to $490. The message underscores that data recovery will only be possible upon payment.
Two email addresses are provided for contacting the perpetrators: restorealldata@firemail.cc and gorentos@bitmessage.ch.
Yzoo Ransom Note in Full
The complete text of the Yzoo ransom note reads as follows:
ATTENTION!
Don't worry, you can return all your files!
All your files like photos, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
hxxps://we.tl/t-WbgTMF1Jmw
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.To get this software you need write on our e-mail:
restorealldata@firemail.ccReserve e-mail address to contact us:
gorentos@bitmessage.chOur Telegram account:
@datarestoreYour personal ID:
How Can You Protect Your Data from Ransomware Attacks?
Protecting your data from ransomware attacks is essential in safeguarding your personal and business information. Here are several steps you can take to minimize the risk and impact of ransomware attacks:
Regularly Back Up Your Data:
Perform regular and automated backups of your important data to an external device or a cloud-based service. Ensure that backups are kept offline and isolated from your network to prevent ransomware from encrypting them.
Keep Software and Systems Up to Date:
Regularly update your operating system, software, and applications to patch vulnerabilities that cybercriminals may exploit. Enable automatic updates whenever possible.
Use Reliable Security Software:
Install reputable antivirus and anti-malware software to provide real-time protection. Ensure your security software includes anti-ransomware features.
Be Cautious with Email and Attachments:
Exercise caution when opening email attachments or clicking on links, especially if the sender is unknown or the email seems suspicious. Enable email filtering to help detect and block malicious attachments.
Avoid Questionable Websites:
Be cautious while browsing the internet. Avoid visiting suspicious or untrustworthy websites that may host malicious content or ads.
Remember that there is no foolproof defense against ransomware, but by implementing proactive measures, you can significantly reduce the risk and minimize the potential impact of an attack on your data.
