The STOP/Djvu Ransomware family has introduced another variant called MMUZ Ransomware. It mostly spreads via unreliable downloads, phishing emails, and questionable advertising content like other similar strains.
MMUZ Ransomware operators seek a quick payoff from victims by encrypting their critical data and then demanding a ransom payment in exchange for a file decryptor. MMUZ Ransomware locks most file types, including photos, music, documents, and videos.
Victims will initially learn of the MMUZ Ransomware infection when they discover that encrypted files have been appended with the ‘.MMUZ’ suffix. They will then find a ransom note on their desktop named “_readme.txt.” The note asks the victim to pay $980 for file decryption. Alternatively, victims could be charged $490 if the contact is made in the first 72 hours. The victim can also find the contact information to communicate with the hackers in the note.
Should victims try to contact the criminals through helpteam@mail.ch and helpmanager@airmail.cc, they will be advised to send one file to the attackers to have it decrypted for free. Supposedly, this should work as proof that the hackers can unlock the victim’s files upon receiving the ransom payment in full.
The emails can also be used to communicate with the hackers, but we never advise victims to engage with these criminals. They will certainly not help you for free, and paying a ransom never guarantees that you will receive any decryption tools.
How Do I Deal with an MMUZ Ransomware Attack?
To mitigate potential damages in the event of a ransomware attack, it is advisable to keep backups of your valuable files that can easily be reuploaded to another device. It is also strongly recommended that you employ a reputable anti-malware tool to scan for and remove MMUZ Ransomware.
