While reviewing malware samples submitted to VirusTotal, we identified Ljaz as ransomware belonging to the Djvu family. Ljaz encrypts files, appends its extension (".ljaz") to filenames, and creates the "_readme.txt" file (a ransom note).
An example of how Ljaz modifies filenames: it renames "1.jpg" to "1.jpg.ljaz", "2.png" to "2.png.ljaz", and so forth. Significantly, Djvu ransomware attacks frequently incorporate information stealers such as Vidar or RedLine, with cybercriminals intending to steal data before encrypting files.
The ransom note assures the victim that all their files, including pictures, databases, documents, and other crucial data, have been encrypted using the strongest encryption and a unique key. The only way to recover these files is by purchasing a decrypt tool and a unique key.
The attackers offer a guarantee by allowing the victim to send one encrypted file from their computer, which the attackers will decrypt for free as a demonstration. However, they stipulate that the file must not contain valuable information.
The ransom amount for the private key and decrypt software is $980, with a 50% discount available if the victim contacts the attackers within the first 72 hours, reducing the price to $490. The note warns that data restoration is impossible without payment.
In order to receive the decryption tools, the victim is instructed to write to the provided email address: support@freshmail.top. Additionally, a reserve email address is provided for contact: datarestorehelpyou@airmail.cc.
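A triage sketch for scoping the damage described above, added here as an example and not taken from the original article or any vendor tool: it walks a directory tree, lists files carrying the appended ".ljaz" extension together with their original names, and counts a "_readme.txt" file as a ransom note only when it contains one of the two contact addresses. The function names and the sample tree are assumptions constructed for the demonstration.

```python
import os
import tempfile
from collections import Counter

EXTENSION = ".ljaz"          # indicators below are taken from the article text
NOTE_NAME = "_readme.txt"
NOTE_CONTACTS = ("support@freshmail.top", "datarestorehelpyou@airmail.cc")


def note_matches(path):
    """True if the note contains one of the contact addresses listed in the article."""
    try:
        with open(path, "r", encoding="utf-8", errors="replace") as fh:
            text = fh.read(65536).lower()
    except OSError:
        return False
    return any(addr in text for addr in NOTE_CONTACTS)


def scan(root):
    """Walk root; return renamed files (with original names), confirmed notes, per-directory counts."""
    encrypted, notes, per_dir = [], [], Counter()
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if name.lower().endswith(EXTENSION) and len(name) > len(EXTENSION):
                encrypted.append((full, name[: -len(EXTENSION)]))
                per_dir[dirpath] += 1
            elif name.lower() == NOTE_NAME and note_matches(full):
                notes.append(full)
    return {"encrypted": encrypted, "notes": notes, "per_dir": per_dir}


def build_sample_tree(root):
    """Constructed sample data: harmless placeholder files that mimic the naming pattern."""
    os.makedirs(os.path.join(root, "docs"))
    for rel in ("1.jpg.ljaz", "2.png.ljaz", "clean.txt", os.path.join("docs", "a.docx.ljaz")):
        with open(os.path.join(root, rel), "w") as fh:
            fh.write("placeholder")
    with open(os.path.join(root, NOTE_NAME), "w") as fh:
        fh.write("constructed sample note, contact: support@freshmail.top")
    with open(os.path.join(root, "docs", NOTE_NAME), "w") as fh:
        fh.write("unrelated readme")  # same filename, no matching address


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        print({key: len(value) for key, value in scan(tmp).items()})
```

The per-directory counts show where encryption reached, which helps decide which backups to restore first.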
Victims are strongly advised against negotiating with ransomware attackers or making any ransom payments. Regrettably, obtaining access to files without payment is highly unlikely unless victims can locate an external decryption tool or possess backed-up copies of their files.
Additionally, it is crucial for victims to swiftly remove ransomware from compromised computers to prevent potential additional encryption and the further dissemination of the ransomware across a local network. Acting promptly in this regard is essential to reduce the impact and halt the advancement of the ransomware threat.
To sum up, ransomware continues to be a widespread and ever-changing menace, presenting substantial risks to individuals and organizations on a global scale. Diligent measures such as frequent data backups and strong security protocols play pivotal roles as essential safeguards against ransomware attacks.
Some examples of different ransomware variants are Isak Ransomware and HuiVJope Ransomware.
Cybercriminals utilize diverse tactics to spread Djvu ransomware. They employ methods such as distributing pirated software, cracking tools, or key generators. Deceptive websites that falsely claim to offer YouTube video downloads, as well as emails containing malicious attachments or links, are also exploited as avenues to deceive users into unintentionally activating ransomware on their computer systems.
Exposure to malware can also occur by interacting with harmful advertisements and obtaining files and programs from peer-to-peer (P2P) networks, torrent websites, third-party downloaders, and similar sources. Another avenue for malware distribution is software vulnerabilities.