About Apocalypse Virus
This ransom virus encrypts data and appends a file extension such as .encrypted, .SecureCrypted, or .bleepYourFiles, depending on the malware version. It then prompts victims to contact the attacker via a given email address. To instruct victims, the Apocalypse virus leaves a note stating the following:
IF YOU ARE READING THIS MESSAGE, ALL THE FILES IN THIS COMPUTER HAVE BEEN CRYPTED!!
documents, pictures, videos, audio, backups, etc
IF YOU WANT TO RECOVER YOUR DATA, CONTACT THE EMAIL BELOW.
WE WILL PROVIDE DECRYPTION SOFTWARE TO RECOVER YOUR FILES.
IF YOU DONT CONTACT BEFORE 72 HOURS, ALL DATA WILL BE LOST FOREVER
Apocalypse ransomware first appeared on the 9th of May 2016. It mainly attacks unsecured company networks with weak remote desktop passwords. This ransom virus uses email addresses such as email@example.com, firstname.lastname@example.org, email@example.com, firstname.lastname@example.org to communicate with victims.
A second variant was seen on the 9th of June 2016. This version is installed as windowsupdate.exe under the Program Files folder. It prompts the user to email the author at email@example.com to receive decryption instructions.
Then, on the 22nd of June 2016, another version was revealed. It drops the previous file name and uses a Firefox update checker (firefox.exe) as the new executable. The email address provided this time is firstname.lastname@example.org.
Notable Apocalypse encrypted file extensions:
Notable Apocalypse ransom note files are:
Download Apocalypse Decryptor:
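Added example, not part of the original post and not the decryptor mentioned above: a Python triage sketch that walks a directory tree and flags the file extensions and executable names the post lists. The confidence labels, the matching of `Program Files (x86)`, and the assumption that a legitimate `firefox.exe` sits in a `Mozilla Firefox` directory are assumptions made here; the sample tree is constructed.

```python
import os
import tempfile
from pathlib import Path

# Extensions named in the post. ".encrypted" is also used by unrelated
# software, so it is reported at lower confidence (assumption).
EXTENSIONS = {".encrypted": "low", ".securecrypted": "high", ".bleepyourfiles": "high"}


def classify(path):
    """Return (kind, confidence) if path matches an indicator, else None."""
    path = Path(path)
    name = path.name.lower()
    parts = [p.lower() for p in path.parts]
    ext = path.suffix.lower()
    if ext in EXTENSIONS:
        return ("encrypted-file", EXTENSIONS[ext])
    # Second variant: windowsupdate.exe under Program Files (x86 dir assumed too).
    if name == "windowsupdate.exe" and any(p.startswith("program files") for p in parts):
        return ("executable", "high")
    # Third variant: firefox.exe; only flagged outside the assumed real install dir.
    if name == "firefox.exe" and "mozilla firefox" not in parts:
        return ("executable", "low")
    return None


def triage(root):
    """Walk root and return sorted (relative_path, kind, confidence) findings."""
    root = Path(root)
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            full = Path(dirpath) / fname
            hit = classify(full)
            if hit:
                findings.append((full.relative_to(root).as_posix(), *hit))
    return sorted(findings)


def demo():
    """Build a constructed directory tree and run the triage over it."""
    with tempfile.TemporaryDirectory() as tmp:
        for rel in ["Users/a/report.docx.SecureCrypted", "Users/a/notes.txt",
                    "Users/a/db.bak.encrypted", "Program Files/windowsupdate.exe",
                    "Program Files/Mozilla Firefox/firefox.exe",
                    "Users/a/AppData/firefox.exe"]:
            p = Path(tmp, rel)
            p.parent.mkdir(parents=True, exist_ok=True)
            p.write_bytes(b"constructed sample")
        return triage(tmp)
```

A hit is a lead for further analysis rather than proof of infection, which is why the generic `.encrypted` extension and a stray `firefox.exe` are reported as low confidence.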