ZareuS Ransomware
ZareuS ransomware is a new strain of malware that encrypts files and renders them unusable. The new ransomware doesn't seem to belong to any existing big malware family, even though the SamSam ransomware variants use a ransom note with a very similar name.
ZareuS encrypts common file types, including popular media formats, databases, archives and documents. Once a file is encrypted, the ".ZareuS" extension is appended to its name, hence the name of the ransomware.
The ransom demand is dropped in a file called "HELP_DECRYPT_YOUR_FILES.txt". The note also promises the "free" decryption of one file, as proof that the hackers actually possess a working decryptor and that the ransomware is not really a wiper. The ransom demanded is $980 - a sum commonly seen across many recent ransomware strains.
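The two file-system indicators described above (the appended ".ZareuS" extension and the "HELP_DECRYPT_YOUR_FILES.txt" note) can be used to scope an incident on a mounted volume. The following is an added example, not part of the original write-up or of any vendor tool; the function name, verdict labels and report fields are assumptions made for illustration.

```python
import os
from datetime import datetime, timezone

# Indicators taken from the description above; compared case-insensitively.
ENCRYPTED_SUFFIX = ".zareus"
NOTE_NAME = "help_decrypt_your_files.txt"


def triage(root):
    """Walk root and summarise ZareuS indicators for incident scoping."""
    encrypted, notes, first_mtime = [], [], None
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            lowered = name.lower()
            if lowered.endswith(ENCRYPTED_SUFFIX):
                encrypted.append(path)
                try:
                    mtime = os.stat(path).st_mtime
                except OSError:
                    continue  # unreadable file: still listed, no timestamp
                if first_mtime is None or mtime < first_mtime:
                    first_mtime = mtime
            elif lowered == NOTE_NAME:
                notes.append(path)
    # SamSam variants use a very similarly named note, so a note without any
    # .ZareuS file is reported separately instead of being attributed.
    if encrypted:
        verdict = "zareus-likely"
    elif notes:
        verdict = "ransom-note-only"
    else:
        verdict = "clean"
    return {
        "verdict": verdict,
        "encrypted": sorted(encrypted),
        "notes": sorted(notes),
        "affected_dirs": sorted({os.path.dirname(p) for p in encrypted}),
        # Rough lower bound on when encryption began (mtime can be altered).
        "earliest_encrypted_mtime": (
            datetime.fromtimestamp(first_mtime, timezone.utc).isoformat()
            if first_mtime is not None else None),
    }


if __name__ == "__main__":
    import json, sys
    print(json.dumps(triage(sys.argv[1] if len(sys.argv) > 1 else "."), indent=2))
```

Run it against a read-only mount or forensic copy of the affected volume so the scan itself does not change timestamps.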
The full text of the ransom note is as follows:
Oops All Of your important files were encrypted Like document pictures videos etc..
Don't worry, you can return all your files!
All your files, documents, photos, databases and other important files are encrypted by a strong encryption.
How to recover files?
RSA is a asymmetric cryptographic algorithm, you need one key for encryption and one key for decryption so you need private key to recover your files. It’s not possible to recover your files without private key.
The only method of recovering files is to purchase an unique private key.Only we can give you this key and only we can recover your files.
What guarantees you have?
As evidence, you can send us 1 file to decrypt by email We will send you a recovery file Prove that we can decrypt your file
Please You must follow these steps carefully to decrypt your files:
Send $980 worth of bitcoin to wallet: [alphanumeric string]
after payment,we will send you Decryptor software
contact email: Lock-Ransom at protonmail dot com
Your personal ID: