Chaos Ransomware was originally thought to be a variant of the infamous Ryuk Ransomware, but upon subsequent research, the initial version of the threat was found to be more akin to a wiper. It replaced the contents of the affected files with random bytes and then encoded them in the Base64 encoding scheme, usually used to embed image files inside textual assets or to send email attachments.
ZEUS Ransomware happens to be another infection variant based on Chaos Ransomware. ZEUS Ransomware is capable of encrypting numerous file types that include documents, archives, databases, images, and PDFs. The threat then creates a different random 4-character string for each victim and appends it to the original names of the locked files.
ZEUS Ransomware then delivers a ransom note with instructions in the form of a text file named ‘read_it.txt.’ The default desktop wallpaper of the infected systems also will be switched to a new one carried by the malware.
The messages inside the text file and the one shown as a desktop background are both written in Indonesian and lack any translations into other languages. This may signify that the hackers behind ZEUS Ransomware may be heavily focused on targeting victims in that region. The hackers can be contacted at two different email addresses which are ‘zeussec1337@gmail.com’ and ‘ANONSEC4444@GMAIL.COM.’ They also have a Facebook account at ‘zeussec1337,’ and a Telegram account which is ‘@ZeusSec1337.’
Although cooperating with hackers may seem like the easiest way to resolve the situation, we never suggest paying any ransom or even communicating with them, as there is no guarantee that they will decrypt your files, even after payment has been made.
How Do I Deal with the ZEUS Ransomware Attack?
To protect yourself from the ZEUS Ransomware attack, you should practice safe web browsing habits like refraining from opening email attachments from unknown senders and downloading programs from unreliable sources. You should also have a reputable malware remediation tool installed on your computer. That way, you can regularly scan for elements associated with this troublesome ransomware infection and other malware. Also, to reduce the potential damage of a future ransomware infection, please consider backing up your files on an external hard drive or cloud storage.
