Ehiz Ransomware – a Stop/Djvu Ransomware Family Member that Holds Personal Files Hostage for a Ransom
Enterprising cybercriminals are always looking for new ways to extort money from innocent computer users. Ehiz Ransomware is another infection that is part of the STOP/Djvu Ransomware family collection. It has been discovered locking files and demanding a ransom, similar to other associated ransomware strains within the same group. If you tend to install applications from misleading and/or potentially unreliable third-party sites, you may end up exposing yourself to threats like Ehiz Ransomware.
Ehiz Ransomware, like most other ransomware variants, was developed by hackers to extract money from innocent computer users by locking their important files and demanding ransom. The infection is categorized as a data-encrypting program that can corrupt and encrypt multiple file types, including photos, music, documents, and videos. Ehiz Ransomware, upon installation, appends the .Ehiz file extension to encrypted files and leaves a ransom note named !README!.txt in every folder containing encrypted files.
Unfortunately, victims of Ehiz ransomware will not have access to a free decryption tool at the moment. The only reliable way to recover files is to restore them from a backup or use alternative data recovery options. Criminals promise to provide a decryptor in exchange for payment in Bitcoin, but the possibility exists that you may pay and never receive the decryption tool with the key.
As far as the distribution is concerned, Ehiz Ransomware spreads just like many other ransomware variants do. It can spread through malicious spam emails or via poisonous third-party websites, and then it can also use Remote Desktop Protocol to access the target computer remotely. Once on the computer, the infection encrypts most of the user’s files with the AES-256 encryption algorithm and then demands a ransom in exchange for the decryption key.
The Ehiz Ransomware note reads in part: ATTENTION! Don’t worry, you can return all your files! All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key. The only method of recovering files is to purchase decrypt tool and unique key for you. This software will decrypt all your encrypted files. What guarantees you have? You can send one of your encrypted file from your PC and we decrypt it for free. But we can decrypt only 1 file for free. File must not contain valuable information. Price of private key and decrypt software is $980. Discount 50% available if you contact us first 72 hours, that’s price for you is $490.
To protect yourself from an Ehiz Ransomware attack, you should maintain adequate backups of your valuable files to ensure access to your important files even in the event of a malware or ransomware attack. Additionally, you should have a reputable malware remediation tool installed on your computer.
