Zipp3rs Ransomware is a New Xorist Clone Targeting Files for Encryption

ransomware

During our analysis of new malware submissions, we came across Zipp3rs, a malicious program classified as ransomware, belonging to the Xorist ransomware family.

On our testing system, Zipp3rs encrypted files and added a ".zipp3rs" extension to their names. For instance, a file named "1.jpg" became "1.jpg.zipp3rs" after being encrypted. This ransomware also displayed a pop-up window and a text file named "HOW TO DECRYPT FILES.txt" containing ransom notes in Portuguese that were identical. Zipp3rs' ransom note informs the victim that their data and backups have been encrypted and sets a deadline for the victim to contact the cyber criminals for file decryption.

The note also cautions against renaming or deleting encrypted files, which could result in permanent data loss, though it does not explicitly mention this.

Zipp3rs Ransom Note Written in Portuguese

The full text of the brief Zipp3rs ransom note reads as follows:

Todos Dados/Backups foram criptografados
a unica forma de obter os dados em seu perfeito estado
entrar em contato no Email: blymer@xyzmailpro.com
prazo max para o contato 09/05/2023 12:00 ID-424316
(N = NãO)

  • N delete arquivos trancados
  • N não renomeie os arquivos trancados .zipp3rs
  • N não poste esta mensagem em nenhum site
    nem denuncie pois podem bloquear este email.

How Can You Protect Your System from Ransomware Infections Like Zipp3rs?

There are several steps you can take to protect your system from ransomware infections like Zipp3rs:

  • Install and regularly update reliable antivirus software: Antivirus software can help identify and remove known ransomware threats.
  • Keep your operating system and software up to date: Software updates often include security patches that address vulnerabilities that can be exploited by ransomware.
  • Be cautious when opening email attachments and downloading files: Only open attachments and download files from trusted sources, and be wary of unsolicited emails or unexpected attachments.
  • Backup your data regularly: In the event of a ransomware attack, having a recent backup of your data can be invaluable. Make sure to store your backups in a secure location and test your backups regularly to ensure they can be restored if needed.
  • Use strong, unique passwords: Strong passwords can help prevent unauthorized access to your system and reduce the risk of a ransomware attack.
  • Disable macros in Microsoft Office files: Ransomware often uses macros in Office files to infect systems, so disabling macros can help reduce the risk of an attack.
By Zaib
May 11, 2023
Ransomware
English
May 11, 2023
Ransomware

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

4 years ago

Pinaview is a Fully-Featured Adware App

7 months ago

What is the RSEngineSvc.exe File and Process?

12 months ago

'American Express - Update Your Account Information' Email Scam

2 months ago

"Your iCloud is Being Hacked" and "Your iPhone has Been...

4 months ago

Aluc Service Cryptomining Malware

1 month ago

Related Posts

Ransomware

Rans-A Ransomware is an Xorist Variant Seeking Files for Encryption

During our analysis of malware samples, our team has identified a new type of ransomware known as Rans-A, which belongs to the Xorist family. This ransomware functions by encrypting files and then adding the extension... Read more

March 24, 2023
Ransomware

Hhoo Ransomware Joins Host of Djvu Clones Targeting Files for Encryption

Our team discovered a new variant of ransomware belonging to the Djvu family called Hhoo while analyzing malware samples submitted to online threat analysis databases. Hhoo encrypts files and modifies the filenames by... Read more

February 16, 2023
Ransomware

Wikon Ransomware is an Xorist Clone Targeting Random Files For Encryption

While analyzing malware samples, our researchers came across a new variant of the Xorist ransomware family called WiKoN. This ransomware encrypts files, modifies their extensions by appending ".WiKoN," alters the... Read more

April 4, 2023
English
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Backup Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Backup's Terms of Service Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2023 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.