![]() ![]() Victims are instructed to contact the user (the attackers behind XHAMSTER) on ICQ for payment details. Screenshot of files encrypted by XHAMSTER ransomware:Īs stated in XHAMSTER's ransom notes, all files have been encrypted and cannot be decrypted without payment. This ransomware variant is part of the Phobos family. XHAMSTER displays a pop-up window (" info.hta") and creates a text file (" info.txt") for that. As a rule, malware of this type provides instructions on how to contact the attackers and other information by generating a ransom note. More precisely, it renames a file named " 1.jpg" to " " 2.jpg" to " and so on. Also, it renames files by appending the victim's ID, ICQ username, and ". Ransomware is a form of malware that cybercriminals use to blackmail their victims: it encrypts files and keeps them inaccessible (unusable) unless the victim decrypts them with the right decryption tool that only the attackers can provide. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |