ZAPS Ransomware Appears to be Another STOP/Djvu Variant
ZAPS Ransomware is another addition to the STOP/Djvu Ransomware family. Like other related variants, it mostly spreads via unreliable downloads, phishing emails, and questionable advertising content, among other methods.
ZAPS Ransomware’s owners seek to extort funds from victims by locking their data and then demanding a ransom payment in exchange for a file decryptor. Almost any file type can be affected, including photos, music, documents, and videos.
ZAPS Ransomware appends affected files with the ‘.ZAPS’ suffix and drops a ransom note on the user’s desktop in the form of the ‘_readme.txt’ document. The ransom note, which asks the victim to pay $490 for file decryption, also provides the contact information to communicate and ask hackers any questions. The victims are asked to establish communication via these emails: helpteam@mail.ch and helpmanager@airmail.cc.
Should victims try to contact the criminals through the emails, they will be told to send one file to the attackers to have it decrypted for free. That would be proof that the hackers can unlock the victim’s files upon paying the ransom. The emails can also be used to communicate with the perpetrators, but this is not advisable – they will not help you for free, and paying does not guarantee that you will see your files decrypted or even receive any decryption tools.
Dealing with a ZAPS Ransomware Infection
If you get infected with ZAPS Ransomware, you should scan for and remove ZAPS Ransomware using a reputable anti-malware tool. Additionally, to mitigate damages in the event of a future attack, you should keep backup copies of your valuable data in an external or a cloud drive.
