Yzqe Ransomware Will Lock Your System
While examining new malware samples, we encountered the Yzqe ransomware, which is linked to the Djvu family. When it infiltrates a computer, this ransomware encrypts files and adds the ".yzqe" extension to their names. For example, a file named "1.jpg" would become "1.jpg.yzqe," and "2.png" would change to "2.png.yzqe."
In addition to file encryption, Yzqe also generates a ransom note inside a text file called "_readme.txt." The distribution of Yzqe may involve information-stealing malware such as Vidar. Cybercriminals often use these stealers to obtain sensitive data before deploying the Djvu ransomware for data encryption purposes.
The ransom note underscores that file decryption depends on specialized decryption software and a unique key. It provides instructions to victims, directing them to initiate contact with the attackers using the provided email addresses (support@freshmail.top or datarestorehelp@airmail.cc) for further assistance.
Furthermore, the ransom note presents two ransom amounts, namely $980 and $490, indicating that victims may be eligible for a discount on the decryption tools if they communicate with the attackers within a 72-hour timeframe.
Table of Contents
Yzqe Ransom Note Copies Djvu’s Template
The full text of the Yzqe ransom note reads as follows:
ATTENTION!
Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
hxxps://go.wetransfer.com/t-Z4jZBpJ1EK
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.To get this software you need write on our e-mail:
support@freshmail.topReserve e-mail address to contact us:
datarestorehelp@airmail.ccYour personal ID:
How Can You Safeguard Your Data Against Ransomware?
Protecting your data against ransomware is essential to prevent the potentially devastating consequences of a ransomware attack. Here are several key steps you can take to safeguard your data:
Backup Your Data:
Regularly back up your data to an offline or offsite location. This ensures you have clean, uninfected copies of your files to restore in case of an attack.
Use Reliable Antivirus Software:
Install and regularly update reputable antivirus and anti-malware software to detect and prevent ransomware infections.
Keep Software Up to Date:
Keep your operating system and all software, including web browsers and plugins, up to date. Many ransomware attacks exploit known vulnerabilities, which are often patched in updates.
Enable Firewall and Intrusion Detection:
Utilize a firewall and intrusion detection system to block suspicious network activity and potential threats.
Implement Email Security Measures:
Be cautious when opening email attachments or clicking on links. Use email filtering software to block malicious emails.